CameraService.cpp revision f51fca277eb5b86bd0b2e3fc90ecb2b63089de29
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#define LOG_TAG "CameraService" 18#define ATRACE_TAG ATRACE_TAG_CAMERA 19//#define LOG_NDEBUG 0 20 21#include <algorithm> 22#include <climits> 23#include <stdio.h> 24#include <cstring> 25#include <ctime> 26#include <string> 27#include <sys/types.h> 28#include <inttypes.h> 29#include <pthread.h> 30 31#include <android/hardware/ICamera.h> 32#include <android/hardware/ICameraClient.h> 33 34#include <android-base/macros.h> 35#include <binder/AppOpsManager.h> 36#include <binder/IPCThreadState.h> 37#include <binder/IServiceManager.h> 38#include <binder/MemoryBase.h> 39#include <binder/MemoryHeapBase.h> 40#include <binder/ProcessInfoService.h> 41#include <cutils/atomic.h> 42#include <cutils/properties.h> 43#include <gui/Surface.h> 44#include <hardware/hardware.h> 45#include <memunreachable/memunreachable.h> 46#include <media/AudioSystem.h> 47#include <media/IMediaHTTPService.h> 48#include <media/mediaplayer.h> 49#include <mediautils/BatteryNotifier.h> 50#include <utils/Errors.h> 51#include <utils/Log.h> 52#include <utils/String16.h> 53#include <utils/Trace.h> 54#include <private/android_filesystem_config.h> 55#include <system/camera_vendor_tags.h> 56#include <system/camera_metadata.h> 57#include <system/camera.h> 58 59#include "CameraService.h" 60#include "api1/CameraClient.h" 61#include "api1/Camera2Client.h" 62#include "api2/CameraDeviceClient.h" 63#include "utils/CameraTraces.h" 64 65namespace { 66 const char* kPermissionServiceName = "permission"; 67}; // namespace anonymous 68 69namespace android { 70 71using binder::Status; 72using hardware::ICamera; 73using hardware::ICameraClient; 74using hardware::ICameraServiceListener; 75using hardware::camera::common::V1_0::CameraDeviceStatus; 76using hardware::camera::common::V1_0::TorchModeStatus; 77 78// ---------------------------------------------------------------------------- 79// Logging support -- this is for debugging only 80// Use "adb shell dumpsys media.camera -v 1" to change it. 81volatile int32_t gLogLevel = 0; 82 83#define LOG1(...) ALOGD_IF(gLogLevel >= 1, __VA_ARGS__); 84#define LOG2(...) ALOGD_IF(gLogLevel >= 2, __VA_ARGS__); 85 86static void setLogLevel(int level) { 87 android_atomic_write(level, &gLogLevel); 88} 89 90// Convenience methods for constructing binder::Status objects for error returns 91 92#define STATUS_ERROR(errorCode, errorString) \ 93 binder::Status::fromServiceSpecificError(errorCode, \ 94 String8::format("%s:%d: %s", __FUNCTION__, __LINE__, errorString)) 95 96#define STATUS_ERROR_FMT(errorCode, errorString, ...) \ 97 binder::Status::fromServiceSpecificError(errorCode, \ 98 String8::format("%s:%d: " errorString, __FUNCTION__, __LINE__, \ 99 __VA_ARGS__)) 100 101// ---------------------------------------------------------------------------- 102 103extern "C" { 104static void camera_device_status_change( 105 const struct camera_module_callbacks* callbacks, 106 int camera_id, 107 int new_status) { 108 sp<CameraService> cs = const_cast<CameraService*>( 109 static_cast<const CameraService*>(callbacks)); 110 String8 id = String8::format("%d", camera_id); 111 112 CameraDeviceStatus newStatus{CameraDeviceStatus::NOT_PRESENT}; 113 switch (new_status) { 114 case CAMERA_DEVICE_STATUS_NOT_PRESENT: 115 newStatus = CameraDeviceStatus::NOT_PRESENT; 116 break; 117 case CAMERA_DEVICE_STATUS_PRESENT: 118 newStatus = CameraDeviceStatus::PRESENT; 119 break; 120 case CAMERA_DEVICE_STATUS_ENUMERATING: 121 newStatus = CameraDeviceStatus::ENUMERATING; 122 break; 123 default: 124 ALOGW("Unknown device status change to %d", new_status); 125 break; 126 } 127 cs->onDeviceStatusChanged(id, newStatus); 128} 129 130static void torch_mode_status_change( 131 const struct camera_module_callbacks* callbacks, 132 const char* camera_id, 133 int new_status) { 134 if (!callbacks || !camera_id) { 135 ALOGE("%s invalid parameters. callbacks %p, camera_id %p", __FUNCTION__, 136 callbacks, camera_id); 137 } 138 sp<CameraService> cs = const_cast<CameraService*>( 139 static_cast<const CameraService*>(callbacks)); 140 141 TorchModeStatus status; 142 switch (new_status) { 143 case TORCH_MODE_STATUS_NOT_AVAILABLE: 144 status = TorchModeStatus::NOT_AVAILABLE; 145 break; 146 case TORCH_MODE_STATUS_AVAILABLE_OFF: 147 status = TorchModeStatus::AVAILABLE_OFF; 148 break; 149 case TORCH_MODE_STATUS_AVAILABLE_ON: 150 status = TorchModeStatus::AVAILABLE_ON; 151 break; 152 default: 153 ALOGE("Unknown torch status %d", new_status); 154 return; 155 } 156 157 cs->onTorchStatusChanged( 158 String8(camera_id), 159 status); 160} 161} // extern "C" 162 163// ---------------------------------------------------------------------------- 164 165// This is ugly and only safe if we never re-create the CameraService, but 166// should be ok for now. 167static CameraService *gCameraService; 168 169CameraService::CameraService() : 170 mEventLog(DEFAULT_EVENT_LOG_LENGTH), 171 mNumberOfCameras(0), mNumberOfNormalCameras(0), 172 mSoundRef(0), mModule(nullptr) { 173 ALOGI("CameraService started (pid=%d)", getpid()); 174 gCameraService = this; 175 176 this->camera_device_status_change = android::camera_device_status_change; 177 this->torch_mode_status_change = android::torch_mode_status_change; 178 179 mServiceLockWrapper = std::make_shared<WaitableMutexWrapper>(&mServiceLock); 180} 181 182void CameraService::onFirstRef() 183{ 184 ALOGI("CameraService process starting"); 185 186 BnCameraService::onFirstRef(); 187 188 // Update battery life tracking if service is restarting 189 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 190 notifier.noteResetCamera(); 191 notifier.noteResetFlashlight(); 192 193 camera_module_t *rawModule; 194 int err = hw_get_module(CAMERA_HARDWARE_MODULE_ID, 195 (const hw_module_t **)&rawModule); 196 if (err < 0) { 197 ALOGE("Could not load camera HAL module: %d (%s)", err, strerror(-err)); 198 logServiceError("Could not load camera HAL module", err); 199 return; 200 } 201 202 mModule = new CameraModule(rawModule); 203 err = mModule->init(); 204 if (err != OK) { 205 ALOGE("Could not initialize camera HAL module: %d (%s)", err, 206 strerror(-err)); 207 logServiceError("Could not initialize camera HAL module", err); 208 209 delete mModule; 210 mModule = nullptr; 211 return; 212 } 213 ALOGI("Loaded \"%s\" camera module", mModule->getModuleName()); 214 215 mNumberOfCameras = mModule->getNumberOfCameras(); 216 mNumberOfNormalCameras = mNumberOfCameras; 217 218 // Setup vendor tags before we call get_camera_info the first time 219 // because HAL might need to setup static vendor keys in get_camera_info 220 VendorTagDescriptor::clearGlobalVendorTagDescriptor(); 221 if (mModule->getModuleApiVersion() >= CAMERA_MODULE_API_VERSION_2_2) { 222 setUpVendorTags(); 223 } 224 225 mFlashlight = new CameraFlashlight(*mModule, *this); 226 status_t res = mFlashlight->findFlashUnits(); 227 if (res) { 228 // impossible because we haven't open any camera devices. 229 ALOGE("Failed to find flash units."); 230 } 231 232 int latestStrangeCameraId = INT_MAX; 233 for (int i = 0; i < mNumberOfCameras; i++) { 234 String8 cameraId = String8::format("%d", i); 235 236 // Get camera info 237 238 struct camera_info info; 239 bool haveInfo = true; 240 status_t rc = mModule->getCameraInfo(i, &info); 241 if (rc != NO_ERROR) { 242 ALOGE("%s: Received error loading camera info for device %d, cost and" 243 " conflicting devices fields set to defaults for this device.", 244 __FUNCTION__, i); 245 haveInfo = false; 246 } 247 248 // Check for backwards-compatibility support 249 if (haveInfo) { 250 if (checkCameraCapabilities(i, info, &latestStrangeCameraId) != OK) { 251 delete mModule; 252 mModule = nullptr; 253 return; 254 } 255 } 256 257 // Defaults to use for cost and conflicting devices 258 int cost = 100; 259 char** conflicting_devices = nullptr; 260 size_t conflicting_devices_length = 0; 261 262 // If using post-2.4 module version, query the cost + conflicting devices from the HAL 263 if (mModule->getModuleApiVersion() >= CAMERA_MODULE_API_VERSION_2_4 && haveInfo) { 264 cost = info.resource_cost; 265 conflicting_devices = info.conflicting_devices; 266 conflicting_devices_length = info.conflicting_devices_length; 267 } 268 269 std::set<String8> conflicting; 270 for (size_t i = 0; i < conflicting_devices_length; i++) { 271 conflicting.emplace(String8(conflicting_devices[i])); 272 } 273 274 // Initialize state for each camera device 275 { 276 Mutex::Autolock lock(mCameraStatesLock); 277 mCameraStates.emplace(cameraId, std::make_shared<CameraState>(cameraId, cost, 278 conflicting)); 279 } 280 281 if (mFlashlight->hasFlashUnit(cameraId)) { 282 mTorchStatusMap.add(cameraId, 283 TorchModeStatus::AVAILABLE_OFF); 284 } 285 } 286 287 if (mModule->getModuleApiVersion() >= CAMERA_MODULE_API_VERSION_2_1) { 288 mModule->setCallbacks(this); 289 } 290 291 CameraService::pingCameraServiceProxy(); 292} 293 294sp<ICameraServiceProxy> CameraService::getCameraServiceProxy() { 295 sp<ICameraServiceProxy> proxyBinder = nullptr; 296#ifndef __BRILLO__ 297 sp<IServiceManager> sm = defaultServiceManager(); 298 // Use checkService because cameraserver normally starts before the 299 // system server and the proxy service. So the long timeout that getService 300 // has before giving up is inappropriate. 301 sp<IBinder> binder = sm->checkService(String16("media.camera.proxy")); 302 if (binder != nullptr) { 303 proxyBinder = interface_cast<ICameraServiceProxy>(binder); 304 } 305#endif 306 return proxyBinder; 307} 308 309void CameraService::pingCameraServiceProxy() { 310 sp<ICameraServiceProxy> proxyBinder = getCameraServiceProxy(); 311 if (proxyBinder == nullptr) return; 312 proxyBinder->pingForUserUpdate(); 313} 314 315CameraService::~CameraService() { 316 if (mModule) { 317 delete mModule; 318 mModule = nullptr; 319 } 320 VendorTagDescriptor::clearGlobalVendorTagDescriptor(); 321 gCameraService = nullptr; 322} 323 324void CameraService::onDeviceStatusChanged(const String8& id, 325 CameraDeviceStatus newHalStatus) { 326 ALOGI("%s: Status changed for cameraId=%s, newStatus=%d", __FUNCTION__, 327 id.string(), newHalStatus); 328 329 StatusInternal newStatus = mapToInternal(newHalStatus); 330 331 std::shared_ptr<CameraState> state = getCameraState(id); 332 333 if (state == nullptr) { 334 ALOGE("%s: Bad camera ID %s", __FUNCTION__, id.string()); 335 return; 336 } 337 338 StatusInternal oldStatus = state->getStatus(); 339 340 if (oldStatus == newStatus) { 341 ALOGE("%s: State transition to the same status %#x not allowed", __FUNCTION__, newStatus); 342 return; 343 } 344 345 if (newStatus == StatusInternal::NOT_PRESENT) { 346 logDeviceRemoved(id, String8::format("Device status changed from %d to %d", oldStatus, 347 newStatus)); 348 sp<BasicClient> clientToDisconnect; 349 { 350 // Don't do this in updateStatus to avoid deadlock over mServiceLock 351 Mutex::Autolock lock(mServiceLock); 352 353 // Set the device status to NOT_PRESENT, clients will no longer be able to connect 354 // to this device until the status changes 355 updateStatus(StatusInternal::NOT_PRESENT, id); 356 357 // Remove cached shim parameters 358 state->setShimParams(CameraParameters()); 359 360 // Remove the client from the list of active clients 361 clientToDisconnect = removeClientLocked(id); 362 363 // Notify the client of disconnection 364 clientToDisconnect->notifyError( 365 hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED, 366 CaptureResultExtras{}); 367 } 368 369 ALOGI("%s: Client for camera ID %s evicted due to device status change from HAL", 370 __FUNCTION__, id.string()); 371 372 // Disconnect client 373 if (clientToDisconnect.get() != nullptr) { 374 // Ensure not in binder RPC so client disconnect PID checks work correctly 375 LOG_ALWAYS_FATAL_IF(getCallingPid() != getpid(), 376 "onDeviceStatusChanged must be called from the camera service process!"); 377 clientToDisconnect->disconnect(); 378 } 379 380 } else { 381 if (oldStatus == StatusInternal::NOT_PRESENT) { 382 logDeviceAdded(id, String8::format("Device status changed from %d to %d", oldStatus, 383 newStatus)); 384 } 385 updateStatus(newStatus, id); 386 } 387 388} 389 390void CameraService::onTorchStatusChanged(const String8& cameraId, 391 TorchModeStatus newStatus) { 392 Mutex::Autolock al(mTorchStatusMutex); 393 onTorchStatusChangedLocked(cameraId, newStatus); 394} 395 396void CameraService::onTorchStatusChangedLocked(const String8& cameraId, 397 TorchModeStatus newStatus) { 398 ALOGI("%s: Torch status changed for cameraId=%s, newStatus=%d", 399 __FUNCTION__, cameraId.string(), newStatus); 400 401 TorchModeStatus status; 402 status_t res = getTorchStatusLocked(cameraId, &status); 403 if (res) { 404 ALOGE("%s: cannot get torch status of camera %s: %s (%d)", 405 __FUNCTION__, cameraId.string(), strerror(-res), res); 406 return; 407 } 408 if (status == newStatus) { 409 return; 410 } 411 412 res = setTorchStatusLocked(cameraId, newStatus); 413 if (res) { 414 ALOGE("%s: Failed to set the torch status to %d: %s (%d)", __FUNCTION__, 415 (uint32_t)newStatus, strerror(-res), res); 416 return; 417 } 418 419 { 420 // Update battery life logging for flashlight 421 Mutex::Autolock al(mTorchUidMapMutex); 422 auto iter = mTorchUidMap.find(cameraId); 423 if (iter != mTorchUidMap.end()) { 424 int oldUid = iter->second.second; 425 int newUid = iter->second.first; 426 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 427 if (oldUid != newUid) { 428 // If the UID has changed, log the status and update current UID in mTorchUidMap 429 if (status == TorchModeStatus::AVAILABLE_ON) { 430 notifier.noteFlashlightOff(cameraId, oldUid); 431 } 432 if (newStatus == TorchModeStatus::AVAILABLE_ON) { 433 notifier.noteFlashlightOn(cameraId, newUid); 434 } 435 iter->second.second = newUid; 436 } else { 437 // If the UID has not changed, log the status 438 if (newStatus == TorchModeStatus::AVAILABLE_ON) { 439 notifier.noteFlashlightOn(cameraId, oldUid); 440 } else { 441 notifier.noteFlashlightOff(cameraId, oldUid); 442 } 443 } 444 } 445 } 446 447 { 448 Mutex::Autolock lock(mStatusListenerLock); 449 for (auto& i : mListenerList) { 450 i->onTorchStatusChanged(mapToInterface(newStatus), String16{cameraId}); 451 } 452 } 453} 454 455Status CameraService::getNumberOfCameras(int32_t type, int32_t* numCameras) { 456 ATRACE_CALL(); 457 switch (type) { 458 case CAMERA_TYPE_BACKWARD_COMPATIBLE: 459 *numCameras = mNumberOfNormalCameras; 460 break; 461 case CAMERA_TYPE_ALL: 462 *numCameras = mNumberOfCameras; 463 break; 464 default: 465 ALOGW("%s: Unknown camera type %d", 466 __FUNCTION__, type); 467 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 468 "Unknown camera type %d", type); 469 } 470 return Status::ok(); 471} 472 473Status CameraService::getCameraInfo(int cameraId, 474 CameraInfo* cameraInfo) { 475 ATRACE_CALL(); 476 if (!mModule) { 477 return STATUS_ERROR(ERROR_DISCONNECTED, 478 "Camera subsystem is not available"); 479 } 480 481 if (cameraId < 0 || cameraId >= mNumberOfCameras) { 482 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, 483 "CameraId is not valid"); 484 } 485 486 struct camera_info info; 487 Status rc = filterGetInfoErrorCode( 488 mModule->getCameraInfo(cameraId, &info)); 489 490 if (rc.isOk()) { 491 cameraInfo->facing = info.facing; 492 cameraInfo->orientation = info.orientation; 493 // CameraInfo is for android.hardware.Camera which does not 494 // support external camera facing. The closest approximation would be 495 // front camera. 496 if (cameraInfo->facing == CAMERA_FACING_EXTERNAL) { 497 cameraInfo->facing = CAMERA_FACING_FRONT; 498 } 499 } 500 return rc; 501} 502 503int CameraService::cameraIdToInt(const String8& cameraId) { 504 errno = 0; 505 size_t pos = 0; 506 int ret = stoi(std::string{cameraId.string()}, &pos); 507 if (errno != 0 || pos != cameraId.size()) { 508 return -1; 509 } 510 return ret; 511} 512 513Status CameraService::getCameraCharacteristics(const String16& id, 514 CameraMetadata* cameraInfo) { 515 ATRACE_CALL(); 516 if (!cameraInfo) { 517 ALOGE("%s: cameraInfo is NULL", __FUNCTION__); 518 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "cameraInfo is NULL"); 519 } 520 521 if (!mModule) { 522 ALOGE("%s: camera hardware module doesn't exist", __FUNCTION__); 523 return STATUS_ERROR(ERROR_DISCONNECTED, 524 "Camera subsystem is not available");; 525 } 526 527 int cameraId = cameraIdToInt(String8(id)); 528 529 if (cameraId < 0 || cameraId >= mNumberOfCameras) { 530 ALOGE("%s: Invalid camera id: %d", __FUNCTION__, cameraId); 531 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 532 "Invalid camera id: %d", cameraId); 533 } 534 535 int facing; 536 Status ret; 537 if (mModule->getModuleApiVersion() < CAMERA_MODULE_API_VERSION_2_0 || 538 getDeviceVersion(cameraId, &facing) < CAMERA_DEVICE_API_VERSION_3_0) { 539 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, "Can't get camera characteristics" 540 " for devices with HAL version < 3.0, %d is version %x", cameraId, 541 getDeviceVersion(cameraId, &facing)); 542 } 543 struct camera_info info; 544 ret = filterGetInfoErrorCode(mModule->getCameraInfo(cameraId, &info)); 545 if (ret.isOk()) { 546 *cameraInfo = info.static_camera_characteristics; 547 } 548 549 return ret; 550} 551 552int CameraService::getCallingPid() { 553 return IPCThreadState::self()->getCallingPid(); 554} 555 556int CameraService::getCallingUid() { 557 return IPCThreadState::self()->getCallingUid(); 558} 559 560String8 CameraService::getFormattedCurrentTime() { 561 time_t now = time(nullptr); 562 char formattedTime[64]; 563 strftime(formattedTime, sizeof(formattedTime), "%m-%d %H:%M:%S", localtime(&now)); 564 return String8(formattedTime); 565} 566 567int CameraService::getCameraPriorityFromProcState(int procState) { 568 // Find the priority for the camera usage based on the process state. Higher priority clients 569 // win for evictions. 570 if (procState < 0) { 571 ALOGE("%s: Received invalid process state %d from ActivityManagerService!", __FUNCTION__, 572 procState); 573 return -1; 574 } 575 // Treat sleeping TOP processes the same as regular TOP processes, for 576 // access priority. This is important for lock-screen camera launch scenarios 577 if (procState == PROCESS_STATE_TOP_SLEEPING) { 578 procState = PROCESS_STATE_TOP; 579 } 580 return INT_MAX - procState; 581} 582 583Status CameraService::getCameraVendorTagDescriptor( 584 /*out*/ 585 hardware::camera2::params::VendorTagDescriptor* desc) { 586 ATRACE_CALL(); 587 if (!mModule) { 588 ALOGE("%s: camera hardware module doesn't exist", __FUNCTION__); 589 return STATUS_ERROR(ERROR_DISCONNECTED, "Camera subsystem not available"); 590 } 591 sp<VendorTagDescriptor> globalDescriptor = VendorTagDescriptor::getGlobalVendorTagDescriptor(); 592 if (globalDescriptor != nullptr) { 593 *desc = *(globalDescriptor.get()); 594 } 595 return Status::ok(); 596} 597 598int CameraService::getDeviceVersion(int cameraId, int* facing) { 599 ATRACE_CALL(); 600 struct camera_info info; 601 if (mModule->getCameraInfo(cameraId, &info) != OK) { 602 return -1; 603 } 604 605 int deviceVersion; 606 if (mModule->getModuleApiVersion() >= CAMERA_MODULE_API_VERSION_2_0) { 607 deviceVersion = info.device_version; 608 } else { 609 deviceVersion = CAMERA_DEVICE_API_VERSION_1_0; 610 } 611 612 if (facing) { 613 *facing = info.facing; 614 } 615 616 return deviceVersion; 617} 618 619Status CameraService::filterGetInfoErrorCode(status_t err) { 620 switch(err) { 621 case NO_ERROR: 622 return Status::ok(); 623 case BAD_VALUE: 624 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, 625 "CameraId is not valid for HAL module"); 626 case NO_INIT: 627 return STATUS_ERROR(ERROR_DISCONNECTED, 628 "Camera device not available"); 629 default: 630 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 631 "Camera HAL encountered error %d: %s", 632 err, strerror(-err)); 633 } 634} 635 636bool CameraService::setUpVendorTags() { 637 ATRACE_CALL(); 638 vendor_tag_ops_t vOps = vendor_tag_ops_t(); 639 640 // Check if vendor operations have been implemented 641 if (!mModule->isVendorTagDefined()) { 642 ALOGI("%s: No vendor tags defined for this device.", __FUNCTION__); 643 return false; 644 } 645 646 mModule->getVendorTagOps(&vOps); 647 648 // Ensure all vendor operations are present 649 if (vOps.get_tag_count == NULL || vOps.get_all_tags == NULL || 650 vOps.get_section_name == NULL || vOps.get_tag_name == NULL || 651 vOps.get_tag_type == NULL) { 652 ALOGE("%s: Vendor tag operations not fully defined. Ignoring definitions." 653 , __FUNCTION__); 654 return false; 655 } 656 657 // Read all vendor tag definitions into a descriptor 658 sp<VendorTagDescriptor> desc; 659 status_t res; 660 if ((res = VendorTagDescriptor::createDescriptorFromOps(&vOps, /*out*/desc)) 661 != OK) { 662 ALOGE("%s: Could not generate descriptor from vendor tag operations," 663 "received error %s (%d). Camera clients will not be able to use" 664 "vendor tags", __FUNCTION__, strerror(res), res); 665 return false; 666 } 667 668 // Set the global descriptor to use with camera metadata 669 VendorTagDescriptor::setAsGlobalVendorTagDescriptor(desc); 670 return true; 671} 672 673Status CameraService::makeClient(const sp<CameraService>& cameraService, 674 const sp<IInterface>& cameraCb, const String16& packageName, int cameraId, 675 int facing, int clientPid, uid_t clientUid, int servicePid, bool legacyMode, 676 int halVersion, int deviceVersion, apiLevel effectiveApiLevel, 677 /*out*/sp<BasicClient>* client) { 678 679 if (halVersion < 0 || halVersion == deviceVersion) { 680 // Default path: HAL version is unspecified by caller, create CameraClient 681 // based on device version reported by the HAL. 682 switch(deviceVersion) { 683 case CAMERA_DEVICE_API_VERSION_1_0: 684 if (effectiveApiLevel == API_1) { // Camera1 API route 685 sp<ICameraClient> tmp = static_cast<ICameraClient*>(cameraCb.get()); 686 *client = new CameraClient(cameraService, tmp, packageName, cameraId, facing, 687 clientPid, clientUid, getpid(), legacyMode); 688 } else { // Camera2 API route 689 ALOGW("Camera using old HAL version: %d", deviceVersion); 690 return STATUS_ERROR_FMT(ERROR_DEPRECATED_HAL, 691 "Camera device \"%d\" HAL version %d does not support camera2 API", 692 cameraId, deviceVersion); 693 } 694 break; 695 case CAMERA_DEVICE_API_VERSION_3_0: 696 case CAMERA_DEVICE_API_VERSION_3_1: 697 case CAMERA_DEVICE_API_VERSION_3_2: 698 case CAMERA_DEVICE_API_VERSION_3_3: 699 case CAMERA_DEVICE_API_VERSION_3_4: 700 if (effectiveApiLevel == API_1) { // Camera1 API route 701 sp<ICameraClient> tmp = static_cast<ICameraClient*>(cameraCb.get()); 702 *client = new Camera2Client(cameraService, tmp, packageName, cameraId, facing, 703 clientPid, clientUid, servicePid, legacyMode); 704 } else { // Camera2 API route 705 sp<hardware::camera2::ICameraDeviceCallbacks> tmp = 706 static_cast<hardware::camera2::ICameraDeviceCallbacks*>(cameraCb.get()); 707 *client = new CameraDeviceClient(cameraService, tmp, packageName, cameraId, 708 facing, clientPid, clientUid, servicePid); 709 } 710 break; 711 default: 712 // Should not be reachable 713 ALOGE("Unknown camera device HAL version: %d", deviceVersion); 714 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 715 "Camera device \"%d\" has unknown HAL version %d", 716 cameraId, deviceVersion); 717 } 718 } else { 719 // A particular HAL version is requested by caller. Create CameraClient 720 // based on the requested HAL version. 721 if (deviceVersion > CAMERA_DEVICE_API_VERSION_1_0 && 722 halVersion == CAMERA_DEVICE_API_VERSION_1_0) { 723 // Only support higher HAL version device opened as HAL1.0 device. 724 sp<ICameraClient> tmp = static_cast<ICameraClient*>(cameraCb.get()); 725 *client = new CameraClient(cameraService, tmp, packageName, cameraId, facing, 726 clientPid, clientUid, servicePid, legacyMode); 727 } else { 728 // Other combinations (e.g. HAL3.x open as HAL2.x) are not supported yet. 729 ALOGE("Invalid camera HAL version %x: HAL %x device can only be" 730 " opened as HAL %x device", halVersion, deviceVersion, 731 CAMERA_DEVICE_API_VERSION_1_0); 732 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 733 "Camera device \"%d\" (HAL version %d) cannot be opened as HAL version %d", 734 cameraId, deviceVersion, halVersion); 735 } 736 } 737 return Status::ok(); 738} 739 740String8 CameraService::toString(std::set<userid_t> intSet) { 741 String8 s(""); 742 bool first = true; 743 for (userid_t i : intSet) { 744 if (first) { 745 s.appendFormat("%d", i); 746 first = false; 747 } else { 748 s.appendFormat(", %d", i); 749 } 750 } 751 return s; 752} 753 754int32_t CameraService::mapToInterface(TorchModeStatus status) { 755 int32_t serviceStatus = ICameraServiceListener::TORCH_STATUS_NOT_AVAILABLE; 756 switch (status) { 757 case TorchModeStatus::NOT_AVAILABLE: 758 serviceStatus = ICameraServiceListener::TORCH_STATUS_NOT_AVAILABLE; 759 break; 760 case TorchModeStatus::AVAILABLE_OFF: 761 serviceStatus = ICameraServiceListener::TORCH_STATUS_AVAILABLE_OFF; 762 break; 763 case TorchModeStatus::AVAILABLE_ON: 764 serviceStatus = ICameraServiceListener::TORCH_STATUS_AVAILABLE_ON; 765 break; 766 default: 767 ALOGW("Unknown new flash status: %d", status); 768 } 769 return serviceStatus; 770} 771 772CameraService::StatusInternal CameraService::mapToInternal(CameraDeviceStatus status) { 773 StatusInternal serviceStatus = StatusInternal::NOT_PRESENT; 774 switch (status) { 775 case CameraDeviceStatus::NOT_PRESENT: 776 serviceStatus = StatusInternal::NOT_PRESENT; 777 break; 778 case CameraDeviceStatus::PRESENT: 779 serviceStatus = StatusInternal::PRESENT; 780 break; 781 case CameraDeviceStatus::ENUMERATING: 782 serviceStatus = StatusInternal::ENUMERATING; 783 break; 784 default: 785 ALOGW("Unknown new HAL device status: %d", status); 786 } 787 return serviceStatus; 788} 789 790int32_t CameraService::mapToInterface(StatusInternal status) { 791 int32_t serviceStatus = ICameraServiceListener::STATUS_NOT_PRESENT; 792 switch (status) { 793 case StatusInternal::NOT_PRESENT: 794 serviceStatus = ICameraServiceListener::STATUS_NOT_PRESENT; 795 break; 796 case StatusInternal::PRESENT: 797 serviceStatus = ICameraServiceListener::STATUS_PRESENT; 798 break; 799 case StatusInternal::ENUMERATING: 800 serviceStatus = ICameraServiceListener::STATUS_ENUMERATING; 801 break; 802 case StatusInternal::NOT_AVAILABLE: 803 serviceStatus = ICameraServiceListener::STATUS_NOT_AVAILABLE; 804 break; 805 case StatusInternal::UNKNOWN: 806 serviceStatus = ICameraServiceListener::STATUS_UNKNOWN; 807 break; 808 default: 809 ALOGW("Unknown new internal device status: %d", status); 810 } 811 return serviceStatus; 812} 813 814Status CameraService::initializeShimMetadata(int cameraId) { 815 int uid = getCallingUid(); 816 817 String16 internalPackageName("cameraserver"); 818 String8 id = String8::format("%d", cameraId); 819 Status ret = Status::ok(); 820 sp<Client> tmp = nullptr; 821 if (!(ret = connectHelper<ICameraClient,Client>( 822 sp<ICameraClient>{nullptr}, id, static_cast<int>(CAMERA_HAL_API_VERSION_UNSPECIFIED), 823 internalPackageName, uid, USE_CALLING_PID, 824 API_1, /*legacyMode*/ false, /*shimUpdateOnly*/ true, 825 /*out*/ tmp) 826 ).isOk()) { 827 ALOGE("%s: Error initializing shim metadata: %s", __FUNCTION__, ret.toString8().string()); 828 } 829 return ret; 830} 831 832Status CameraService::getLegacyParametersLazy(int cameraId, 833 /*out*/ 834 CameraParameters* parameters) { 835 836 ALOGV("%s: for cameraId: %d", __FUNCTION__, cameraId); 837 838 Status ret = Status::ok(); 839 840 if (parameters == NULL) { 841 ALOGE("%s: parameters must not be null", __FUNCTION__); 842 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Parameters must not be null"); 843 } 844 845 String8 id = String8::format("%d", cameraId); 846 847 // Check if we already have parameters 848 { 849 // Scope for service lock 850 Mutex::Autolock lock(mServiceLock); 851 auto cameraState = getCameraState(id); 852 if (cameraState == nullptr) { 853 ALOGE("%s: Invalid camera ID: %s", __FUNCTION__, id.string()); 854 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 855 "Invalid camera ID: %s", id.string()); 856 } 857 CameraParameters p = cameraState->getShimParams(); 858 if (!p.isEmpty()) { 859 *parameters = p; 860 return ret; 861 } 862 } 863 864 int64_t token = IPCThreadState::self()->clearCallingIdentity(); 865 ret = initializeShimMetadata(cameraId); 866 IPCThreadState::self()->restoreCallingIdentity(token); 867 if (!ret.isOk()) { 868 // Error already logged by callee 869 return ret; 870 } 871 872 // Check for parameters again 873 { 874 // Scope for service lock 875 Mutex::Autolock lock(mServiceLock); 876 auto cameraState = getCameraState(id); 877 if (cameraState == nullptr) { 878 ALOGE("%s: Invalid camera ID: %s", __FUNCTION__, id.string()); 879 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 880 "Invalid camera ID: %s", id.string()); 881 } 882 CameraParameters p = cameraState->getShimParams(); 883 if (!p.isEmpty()) { 884 *parameters = p; 885 return ret; 886 } 887 } 888 889 ALOGE("%s: Parameters were not initialized, or were empty. Device may not be present.", 890 __FUNCTION__); 891 return STATUS_ERROR(ERROR_INVALID_OPERATION, "Unable to initialize legacy parameters"); 892} 893 894// Can camera service trust the caller based on the calling UID? 895static bool isTrustedCallingUid(uid_t uid) { 896 switch (uid) { 897 case AID_MEDIA: // mediaserver 898 case AID_CAMERASERVER: // cameraserver 899 case AID_RADIO: // telephony 900 return true; 901 default: 902 return false; 903 } 904} 905 906Status CameraService::validateConnectLocked(const String8& cameraId, 907 const String8& clientName8, /*inout*/int& clientUid, /*inout*/int& clientPid, 908 /*out*/int& originalClientPid) const { 909 910#ifdef __BRILLO__ 911 UNUSED(clientName8); 912 UNUSED(clientUid); 913 UNUSED(clientPid); 914 UNUSED(originalClientPid); 915#else 916 Status allowed = validateClientPermissionsLocked(cameraId, clientName8, clientUid, clientPid, 917 originalClientPid); 918 if (!allowed.isOk()) { 919 return allowed; 920 } 921#endif // __BRILLO__ 922 923 int callingPid = getCallingPid(); 924 925 if (!mModule) { 926 ALOGE("CameraService::connect X (PID %d) rejected (camera HAL module not loaded)", 927 callingPid); 928 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 929 "No camera HAL module available to open camera device \"%s\"", cameraId.string()); 930 } 931 932 if (getCameraState(cameraId) == nullptr) { 933 ALOGE("CameraService::connect X (PID %d) rejected (invalid camera ID %s)", callingPid, 934 cameraId.string()); 935 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 936 "No camera device with ID \"%s\" available", cameraId.string()); 937 } 938 939 status_t err = checkIfDeviceIsUsable(cameraId); 940 if (err != NO_ERROR) { 941 switch(err) { 942 case -ENODEV: 943 case -EBUSY: 944 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 945 "No camera device with ID \"%s\" currently available", cameraId.string()); 946 default: 947 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 948 "Unknown error connecting to ID \"%s\"", cameraId.string()); 949 } 950 } 951 return Status::ok(); 952} 953 954Status CameraService::validateClientPermissionsLocked(const String8& cameraId, 955 const String8& clientName8, int& clientUid, int& clientPid, 956 /*out*/int& originalClientPid) const { 957 int callingPid = getCallingPid(); 958 int callingUid = getCallingUid(); 959 960 // Check if we can trust clientUid 961 if (clientUid == USE_CALLING_UID) { 962 clientUid = callingUid; 963 } else if (!isTrustedCallingUid(callingUid)) { 964 ALOGE("CameraService::connect X (calling PID %d, calling UID %d) rejected " 965 "(don't trust clientUid %d)", callingPid, callingUid, clientUid); 966 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 967 "Untrusted caller (calling PID %d, UID %d) trying to " 968 "forward camera access to camera %s for client %s (PID %d, UID %d)", 969 callingPid, callingUid, cameraId.string(), 970 clientName8.string(), clientUid, clientPid); 971 } 972 973 // Check if we can trust clientPid 974 if (clientPid == USE_CALLING_PID) { 975 clientPid = callingPid; 976 } else if (!isTrustedCallingUid(callingUid)) { 977 ALOGE("CameraService::connect X (calling PID %d, calling UID %d) rejected " 978 "(don't trust clientPid %d)", callingPid, callingUid, clientPid); 979 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 980 "Untrusted caller (calling PID %d, UID %d) trying to " 981 "forward camera access to camera %s for client %s (PID %d, UID %d)", 982 callingPid, callingUid, cameraId.string(), 983 clientName8.string(), clientUid, clientPid); 984 } 985 986 // If it's not calling from cameraserver, check the permission. 987 if (callingPid != getpid() && 988 !checkPermission(String16("android.permission.CAMERA"), clientPid, clientUid)) { 989 ALOGE("Permission Denial: can't use the camera pid=%d, uid=%d", clientPid, clientUid); 990 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 991 "Caller \"%s\" (PID %d, UID %d) cannot open camera \"%s\" without camera permission", 992 clientName8.string(), clientUid, clientPid, cameraId.string()); 993 } 994 995 // Only use passed in clientPid to check permission. Use calling PID as the client PID that's 996 // connected to camera service directly. 997 originalClientPid = clientPid; 998 clientPid = callingPid; 999 1000 userid_t clientUserId = multiuser_get_user_id(clientUid); 1001 1002 // Only allow clients who are being used by the current foreground device user, unless calling 1003 // from our own process. 1004 if (callingPid != getpid() && (mAllowedUsers.find(clientUserId) == mAllowedUsers.end())) { 1005 ALOGE("CameraService::connect X (PID %d) rejected (cannot connect from " 1006 "device user %d, currently allowed device users: %s)", callingPid, clientUserId, 1007 toString(mAllowedUsers).string()); 1008 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 1009 "Callers from device user %d are not currently allowed to connect to camera \"%s\"", 1010 clientUserId, cameraId.string()); 1011 } 1012 1013 return Status::ok(); 1014} 1015 1016status_t CameraService::checkIfDeviceIsUsable(const String8& cameraId) const { 1017 auto cameraState = getCameraState(cameraId); 1018 int callingPid = getCallingPid(); 1019 if (cameraState == nullptr) { 1020 ALOGE("CameraService::connect X (PID %d) rejected (invalid camera ID %s)", callingPid, 1021 cameraId.string()); 1022 return -ENODEV; 1023 } 1024 1025 StatusInternal currentStatus = cameraState->getStatus(); 1026 if (currentStatus == StatusInternal::NOT_PRESENT) { 1027 ALOGE("CameraService::connect X (PID %d) rejected (camera %s is not connected)", 1028 callingPid, cameraId.string()); 1029 return -ENODEV; 1030 } else if (currentStatus == StatusInternal::ENUMERATING) { 1031 ALOGE("CameraService::connect X (PID %d) rejected, (camera %s is initializing)", 1032 callingPid, cameraId.string()); 1033 return -EBUSY; 1034 } 1035 1036 return NO_ERROR; 1037} 1038 1039void CameraService::finishConnectLocked(const sp<BasicClient>& client, 1040 const CameraService::DescriptorPtr& desc) { 1041 1042 // Make a descriptor for the incoming client 1043 auto clientDescriptor = CameraService::CameraClientManager::makeClientDescriptor(client, desc); 1044 auto evicted = mActiveClientManager.addAndEvict(clientDescriptor); 1045 1046 logConnected(desc->getKey(), static_cast<int>(desc->getOwnerId()), 1047 String8(client->getPackageName())); 1048 1049 if (evicted.size() > 0) { 1050 // This should never happen - clients should already have been removed in disconnect 1051 for (auto& i : evicted) { 1052 ALOGE("%s: Invalid state: Client for camera %s was not removed in disconnect", 1053 __FUNCTION__, i->getKey().string()); 1054 } 1055 1056 LOG_ALWAYS_FATAL("%s: Invalid state for CameraService, clients not evicted properly", 1057 __FUNCTION__); 1058 } 1059 1060 // And register a death notification for the client callback. Do 1061 // this last to avoid Binder policy where a nested Binder 1062 // transaction might be pre-empted to service the client death 1063 // notification if the client process dies before linkToDeath is 1064 // invoked. 1065 sp<IBinder> remoteCallback = client->getRemote(); 1066 if (remoteCallback != nullptr) { 1067 remoteCallback->linkToDeath(this); 1068 } 1069} 1070 1071status_t CameraService::handleEvictionsLocked(const String8& cameraId, int clientPid, 1072 apiLevel effectiveApiLevel, const sp<IBinder>& remoteCallback, const String8& packageName, 1073 /*out*/ 1074 sp<BasicClient>* client, 1075 std::shared_ptr<resource_policy::ClientDescriptor<String8, sp<BasicClient>>>* partial) { 1076 ATRACE_CALL(); 1077 status_t ret = NO_ERROR; 1078 std::vector<DescriptorPtr> evictedClients; 1079 DescriptorPtr clientDescriptor; 1080 { 1081 if (effectiveApiLevel == API_1) { 1082 // If we are using API1, any existing client for this camera ID with the same remote 1083 // should be returned rather than evicted to allow MediaRecorder to work properly. 1084 1085 auto current = mActiveClientManager.get(cameraId); 1086 if (current != nullptr) { 1087 auto clientSp = current->getValue(); 1088 if (clientSp.get() != nullptr) { // should never be needed 1089 if (!clientSp->canCastToApiClient(effectiveApiLevel)) { 1090 ALOGW("CameraService connect called from same client, but with a different" 1091 " API level, evicting prior client..."); 1092 } else if (clientSp->getRemote() == remoteCallback) { 1093 ALOGI("CameraService::connect X (PID %d) (second call from same" 1094 " app binder, returning the same client)", clientPid); 1095 *client = clientSp; 1096 return NO_ERROR; 1097 } 1098 } 1099 } 1100 } 1101 1102 // Get current active client PIDs 1103 std::vector<int> ownerPids(mActiveClientManager.getAllOwners()); 1104 ownerPids.push_back(clientPid); 1105 1106 // Use the value +PROCESS_STATE_NONEXISTENT, to avoid taking 1107 // address of PROCESS_STATE_NONEXISTENT as a reference argument 1108 // for the vector constructor. PROCESS_STATE_NONEXISTENT does 1109 // not have an out-of-class definition. 1110 std::vector<int> priorities(ownerPids.size(), +PROCESS_STATE_NONEXISTENT); 1111 1112 // Get priorites of all active PIDs 1113 ProcessInfoService::getProcessStatesFromPids(ownerPids.size(), &ownerPids[0], 1114 /*out*/&priorities[0]); 1115 1116 // Update all active clients' priorities 1117 std::map<int,int> pidToPriorityMap; 1118 for (size_t i = 0; i < ownerPids.size() - 1; i++) { 1119 pidToPriorityMap.emplace(ownerPids[i], getCameraPriorityFromProcState(priorities[i])); 1120 } 1121 mActiveClientManager.updatePriorities(pidToPriorityMap); 1122 1123 // Get state for the given cameraId 1124 auto state = getCameraState(cameraId); 1125 if (state == nullptr) { 1126 ALOGE("CameraService::connect X (PID %d) rejected (no camera device with ID %s)", 1127 clientPid, cameraId.string()); 1128 // Should never get here because validateConnectLocked should have errored out 1129 return BAD_VALUE; 1130 } 1131 1132 // Make descriptor for incoming client 1133 clientDescriptor = CameraClientManager::makeClientDescriptor(cameraId, 1134 sp<BasicClient>{nullptr}, static_cast<int32_t>(state->getCost()), 1135 state->getConflicting(), 1136 getCameraPriorityFromProcState(priorities[priorities.size() - 1]), clientPid); 1137 1138 // Find clients that would be evicted 1139 auto evicted = mActiveClientManager.wouldEvict(clientDescriptor); 1140 1141 // If the incoming client was 'evicted,' higher priority clients have the camera in the 1142 // background, so we cannot do evictions 1143 if (std::find(evicted.begin(), evicted.end(), clientDescriptor) != evicted.end()) { 1144 ALOGE("CameraService::connect X (PID %d) rejected (existing client(s) with higher" 1145 " priority).", clientPid); 1146 1147 sp<BasicClient> clientSp = clientDescriptor->getValue(); 1148 String8 curTime = getFormattedCurrentTime(); 1149 auto incompatibleClients = 1150 mActiveClientManager.getIncompatibleClients(clientDescriptor); 1151 1152 String8 msg = String8::format("%s : DENIED connect device %s client for package %s " 1153 "(PID %d, priority %d) due to eviction policy", curTime.string(), 1154 cameraId.string(), packageName.string(), clientPid, 1155 getCameraPriorityFromProcState(priorities[priorities.size() - 1])); 1156 1157 for (auto& i : incompatibleClients) { 1158 msg.appendFormat("\n - Blocked by existing device %s client for package %s" 1159 "(PID %" PRId32 ", priority %" PRId32 ")", i->getKey().string(), 1160 String8{i->getValue()->getPackageName()}.string(), i->getOwnerId(), 1161 i->getPriority()); 1162 ALOGE(" Conflicts with: Device %s, client package %s (PID %" 1163 PRId32 ", priority %" PRId32 ")", i->getKey().string(), 1164 String8{i->getValue()->getPackageName()}.string(), i->getOwnerId(), 1165 i->getPriority()); 1166 } 1167 1168 // Log the client's attempt 1169 Mutex::Autolock l(mLogLock); 1170 mEventLog.add(msg); 1171 1172 return -EBUSY; 1173 } 1174 1175 for (auto& i : evicted) { 1176 sp<BasicClient> clientSp = i->getValue(); 1177 if (clientSp.get() == nullptr) { 1178 ALOGE("%s: Invalid state: Null client in active client list.", __FUNCTION__); 1179 1180 // TODO: Remove this 1181 LOG_ALWAYS_FATAL("%s: Invalid state for CameraService, null client in active list", 1182 __FUNCTION__); 1183 mActiveClientManager.remove(i); 1184 continue; 1185 } 1186 1187 ALOGE("CameraService::connect evicting conflicting client for camera ID %s", 1188 i->getKey().string()); 1189 evictedClients.push_back(i); 1190 1191 // Log the clients evicted 1192 logEvent(String8::format("EVICT device %s client held by package %s (PID" 1193 " %" PRId32 ", priority %" PRId32 ")\n - Evicted by device %s client for" 1194 " package %s (PID %d, priority %" PRId32 ")", 1195 i->getKey().string(), String8{clientSp->getPackageName()}.string(), 1196 i->getOwnerId(), i->getPriority(), cameraId.string(), 1197 packageName.string(), clientPid, 1198 getCameraPriorityFromProcState(priorities[priorities.size() - 1]))); 1199 1200 // Notify the client of disconnection 1201 clientSp->notifyError(hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED, 1202 CaptureResultExtras()); 1203 } 1204 } 1205 1206 // Do not hold mServiceLock while disconnecting clients, but retain the condition blocking 1207 // other clients from connecting in mServiceLockWrapper if held 1208 mServiceLock.unlock(); 1209 1210 // Clear caller identity temporarily so client disconnect PID checks work correctly 1211 int64_t token = IPCThreadState::self()->clearCallingIdentity(); 1212 1213 // Destroy evicted clients 1214 for (auto& i : evictedClients) { 1215 // Disconnect is blocking, and should only have returned when HAL has cleaned up 1216 i->getValue()->disconnect(); // Clients will remove themselves from the active client list 1217 } 1218 1219 IPCThreadState::self()->restoreCallingIdentity(token); 1220 1221 for (const auto& i : evictedClients) { 1222 ALOGV("%s: Waiting for disconnect to complete for client for device %s (PID %" PRId32 ")", 1223 __FUNCTION__, i->getKey().string(), i->getOwnerId()); 1224 ret = mActiveClientManager.waitUntilRemoved(i, DEFAULT_DISCONNECT_TIMEOUT_NS); 1225 if (ret == TIMED_OUT) { 1226 ALOGE("%s: Timed out waiting for client for device %s to disconnect, " 1227 "current clients:\n%s", __FUNCTION__, i->getKey().string(), 1228 mActiveClientManager.toString().string()); 1229 return -EBUSY; 1230 } 1231 if (ret != NO_ERROR) { 1232 ALOGE("%s: Received error waiting for client for device %s to disconnect: %s (%d), " 1233 "current clients:\n%s", __FUNCTION__, i->getKey().string(), strerror(-ret), 1234 ret, mActiveClientManager.toString().string()); 1235 return ret; 1236 } 1237 } 1238 1239 evictedClients.clear(); 1240 1241 // Once clients have been disconnected, relock 1242 mServiceLock.lock(); 1243 1244 // Check again if the device was unplugged or something while we weren't holding mServiceLock 1245 if ((ret = checkIfDeviceIsUsable(cameraId)) != NO_ERROR) { 1246 return ret; 1247 } 1248 1249 *partial = clientDescriptor; 1250 return NO_ERROR; 1251} 1252 1253Status CameraService::connect( 1254 const sp<ICameraClient>& cameraClient, 1255 int cameraId, 1256 const String16& clientPackageName, 1257 int clientUid, 1258 int clientPid, 1259 /*out*/ 1260 sp<ICamera>* device) { 1261 1262 ATRACE_CALL(); 1263 Status ret = Status::ok(); 1264 String8 id = String8::format("%d", cameraId); 1265 sp<Client> client = nullptr; 1266 ret = connectHelper<ICameraClient,Client>(cameraClient, id, 1267 CAMERA_HAL_API_VERSION_UNSPECIFIED, clientPackageName, clientUid, clientPid, API_1, 1268 /*legacyMode*/ false, /*shimUpdateOnly*/ false, 1269 /*out*/client); 1270 1271 if(!ret.isOk()) { 1272 logRejected(id, getCallingPid(), String8(clientPackageName), 1273 ret.toString8()); 1274 return ret; 1275 } 1276 1277 *device = client; 1278 return ret; 1279} 1280 1281Status CameraService::connectLegacy( 1282 const sp<ICameraClient>& cameraClient, 1283 int cameraId, int halVersion, 1284 const String16& clientPackageName, 1285 int clientUid, 1286 /*out*/ 1287 sp<ICamera>* device) { 1288 1289 ATRACE_CALL(); 1290 String8 id = String8::format("%d", cameraId); 1291 int apiVersion = mModule->getModuleApiVersion(); 1292 if (halVersion != CAMERA_HAL_API_VERSION_UNSPECIFIED && 1293 apiVersion < CAMERA_MODULE_API_VERSION_2_3) { 1294 /* 1295 * Either the HAL version is unspecified in which case this just creates 1296 * a camera client selected by the latest device version, or 1297 * it's a particular version in which case the HAL must supported 1298 * the open_legacy call 1299 */ 1300 String8 msg = String8::format("Camera HAL module version %x too old for connectLegacy!", 1301 apiVersion); 1302 ALOGE("%s: %s", 1303 __FUNCTION__, msg.string()); 1304 logRejected(id, getCallingPid(), String8(clientPackageName), 1305 msg); 1306 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.string()); 1307 } 1308 1309 Status ret = Status::ok(); 1310 sp<Client> client = nullptr; 1311 ret = connectHelper<ICameraClient,Client>(cameraClient, id, halVersion, 1312 clientPackageName, clientUid, USE_CALLING_PID, API_1, 1313 /*legacyMode*/ true, /*shimUpdateOnly*/ false, 1314 /*out*/client); 1315 1316 if(!ret.isOk()) { 1317 logRejected(id, getCallingPid(), String8(clientPackageName), 1318 ret.toString8()); 1319 return ret; 1320 } 1321 1322 *device = client; 1323 return ret; 1324} 1325 1326Status CameraService::connectDevice( 1327 const sp<hardware::camera2::ICameraDeviceCallbacks>& cameraCb, 1328 const String16& cameraId, 1329 const String16& clientPackageName, 1330 int clientUid, 1331 /*out*/ 1332 sp<hardware::camera2::ICameraDeviceUser>* device) { 1333 1334 ATRACE_CALL(); 1335 Status ret = Status::ok(); 1336 String8 id = String8(cameraId); 1337 sp<CameraDeviceClient> client = nullptr; 1338 ret = connectHelper<hardware::camera2::ICameraDeviceCallbacks,CameraDeviceClient>(cameraCb, id, 1339 CAMERA_HAL_API_VERSION_UNSPECIFIED, clientPackageName, 1340 clientUid, USE_CALLING_PID, API_2, 1341 /*legacyMode*/ false, /*shimUpdateOnly*/ false, 1342 /*out*/client); 1343 1344 if(!ret.isOk()) { 1345 logRejected(id, getCallingPid(), String8(clientPackageName), 1346 ret.toString8()); 1347 return ret; 1348 } 1349 1350 *device = client; 1351 return ret; 1352} 1353 1354template<class CALLBACK, class CLIENT> 1355Status CameraService::connectHelper(const sp<CALLBACK>& cameraCb, const String8& cameraId, 1356 int halVersion, const String16& clientPackageName, int clientUid, int clientPid, 1357 apiLevel effectiveApiLevel, bool legacyMode, bool shimUpdateOnly, 1358 /*out*/sp<CLIENT>& device) { 1359 binder::Status ret = binder::Status::ok(); 1360 1361 String8 clientName8(clientPackageName); 1362 1363 int originalClientPid = 0; 1364 1365 ALOGI("CameraService::connect call (PID %d \"%s\", camera ID %s) for HAL version %s and " 1366 "Camera API version %d", clientPid, clientName8.string(), cameraId.string(), 1367 (halVersion == -1) ? "default" : std::to_string(halVersion).c_str(), 1368 static_cast<int>(effectiveApiLevel)); 1369 1370 sp<CLIENT> client = nullptr; 1371 { 1372 // Acquire mServiceLock and prevent other clients from connecting 1373 std::unique_ptr<AutoConditionLock> lock = 1374 AutoConditionLock::waitAndAcquire(mServiceLockWrapper, DEFAULT_CONNECT_TIMEOUT_NS); 1375 1376 if (lock == nullptr) { 1377 ALOGE("CameraService::connect (PID %d) rejected (too many other clients connecting)." 1378 , clientPid); 1379 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE, 1380 "Cannot open camera %s for \"%s\" (PID %d): Too many other clients connecting", 1381 cameraId.string(), clientName8.string(), clientPid); 1382 } 1383 1384 // Enforce client permissions and do basic sanity checks 1385 if(!(ret = validateConnectLocked(cameraId, clientName8, 1386 /*inout*/clientUid, /*inout*/clientPid, /*out*/originalClientPid)).isOk()) { 1387 return ret; 1388 } 1389 1390 // Check the shim parameters after acquiring lock, if they have already been updated and 1391 // we were doing a shim update, return immediately 1392 if (shimUpdateOnly) { 1393 auto cameraState = getCameraState(cameraId); 1394 if (cameraState != nullptr) { 1395 if (!cameraState->getShimParams().isEmpty()) return ret; 1396 } 1397 } 1398 1399 status_t err; 1400 1401 sp<BasicClient> clientTmp = nullptr; 1402 std::shared_ptr<resource_policy::ClientDescriptor<String8, sp<BasicClient>>> partial; 1403 if ((err = handleEvictionsLocked(cameraId, originalClientPid, effectiveApiLevel, 1404 IInterface::asBinder(cameraCb), clientName8, /*out*/&clientTmp, 1405 /*out*/&partial)) != NO_ERROR) { 1406 switch (err) { 1407 case -ENODEV: 1408 return STATUS_ERROR_FMT(ERROR_DISCONNECTED, 1409 "No camera device with ID \"%s\" currently available", 1410 cameraId.string()); 1411 case -EBUSY: 1412 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE, 1413 "Higher-priority client using camera, ID \"%s\" currently unavailable", 1414 cameraId.string()); 1415 default: 1416 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 1417 "Unexpected error %s (%d) opening camera \"%s\"", 1418 strerror(-err), err, cameraId.string()); 1419 } 1420 } 1421 1422 if (clientTmp.get() != nullptr) { 1423 // Handle special case for API1 MediaRecorder where the existing client is returned 1424 device = static_cast<CLIENT*>(clientTmp.get()); 1425 return ret; 1426 } 1427 1428 // give flashlight a chance to close devices if necessary. 1429 mFlashlight->prepareDeviceOpen(cameraId); 1430 1431 // TODO: Update getDeviceVersion + HAL interface to use strings for Camera IDs 1432 int id = cameraIdToInt(cameraId); 1433 if (id == -1) { 1434 ALOGE("%s: Invalid camera ID %s, cannot get device version from HAL.", __FUNCTION__, 1435 cameraId.string()); 1436 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1437 "Bad camera ID \"%s\" passed to camera open", cameraId.string()); 1438 } 1439 1440 int facing = -1; 1441 int deviceVersion = getDeviceVersion(id, /*out*/&facing); 1442 sp<BasicClient> tmp = nullptr; 1443 if(!(ret = makeClient(this, cameraCb, clientPackageName, id, facing, clientPid, 1444 clientUid, getpid(), legacyMode, halVersion, deviceVersion, effectiveApiLevel, 1445 /*out*/&tmp)).isOk()) { 1446 return ret; 1447 } 1448 client = static_cast<CLIENT*>(tmp.get()); 1449 1450 LOG_ALWAYS_FATAL_IF(client.get() == nullptr, "%s: CameraService in invalid state", 1451 __FUNCTION__); 1452 1453 if ((err = client->initialize(mModule)) != OK) { 1454 ALOGE("%s: Could not initialize client from HAL module.", __FUNCTION__); 1455 // Errors could be from the HAL module open call or from AppOpsManager 1456 switch(err) { 1457 case BAD_VALUE: 1458 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1459 "Illegal argument to HAL module for camera \"%s\"", cameraId.string()); 1460 case -EBUSY: 1461 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE, 1462 "Camera \"%s\" is already open", cameraId.string()); 1463 case -EUSERS: 1464 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE, 1465 "Too many cameras already open, cannot open camera \"%s\"", 1466 cameraId.string()); 1467 case PERMISSION_DENIED: 1468 return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, 1469 "No permission to open camera \"%s\"", cameraId.string()); 1470 case -EACCES: 1471 return STATUS_ERROR_FMT(ERROR_DISABLED, 1472 "Camera \"%s\" disabled by policy", cameraId.string()); 1473 case -ENODEV: 1474 default: 1475 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 1476 "Failed to initialize camera \"%s\": %s (%d)", cameraId.string(), 1477 strerror(-err), err); 1478 } 1479 } 1480 1481 // Update shim paremeters for legacy clients 1482 if (effectiveApiLevel == API_1) { 1483 // Assume we have always received a Client subclass for API1 1484 sp<Client> shimClient = reinterpret_cast<Client*>(client.get()); 1485 String8 rawParams = shimClient->getParameters(); 1486 CameraParameters params(rawParams); 1487 1488 auto cameraState = getCameraState(cameraId); 1489 if (cameraState != nullptr) { 1490 cameraState->setShimParams(params); 1491 } else { 1492 ALOGE("%s: Cannot update shim parameters for camera %s, no such device exists.", 1493 __FUNCTION__, cameraId.string()); 1494 } 1495 } 1496 1497 if (shimUpdateOnly) { 1498 // If only updating legacy shim parameters, immediately disconnect client 1499 mServiceLock.unlock(); 1500 client->disconnect(); 1501 mServiceLock.lock(); 1502 } else { 1503 // Otherwise, add client to active clients list 1504 finishConnectLocked(client, partial); 1505 } 1506 } // lock is destroyed, allow further connect calls 1507 1508 // Important: release the mutex here so the client can call back into the service from its 1509 // destructor (can be at the end of the call) 1510 device = client; 1511 return ret; 1512} 1513 1514Status CameraService::setTorchMode(const String16& cameraId, bool enabled, 1515 const sp<IBinder>& clientBinder) { 1516 1517 ATRACE_CALL(); 1518 if (enabled && clientBinder == nullptr) { 1519 ALOGE("%s: torch client binder is NULL", __FUNCTION__); 1520 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, 1521 "Torch client Binder is null"); 1522 } 1523 1524 String8 id = String8(cameraId.string()); 1525 int uid = getCallingUid(); 1526 1527 // verify id is valid. 1528 auto state = getCameraState(id); 1529 if (state == nullptr) { 1530 ALOGE("%s: camera id is invalid %s", __FUNCTION__, id.string()); 1531 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1532 "Camera ID \"%s\" is a not valid camera ID", id.string()); 1533 } 1534 1535 StatusInternal cameraStatus = state->getStatus(); 1536 if (cameraStatus != StatusInternal::PRESENT && 1537 cameraStatus != StatusInternal::NOT_PRESENT) { 1538 ALOGE("%s: camera id is invalid %s", __FUNCTION__, id.string()); 1539 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1540 "Camera ID \"%s\" is a not valid camera ID", id.string()); 1541 } 1542 1543 { 1544 Mutex::Autolock al(mTorchStatusMutex); 1545 TorchModeStatus status; 1546 status_t err = getTorchStatusLocked(id, &status); 1547 if (err != OK) { 1548 if (err == NAME_NOT_FOUND) { 1549 return STATUS_ERROR_FMT(ERROR_ILLEGAL_ARGUMENT, 1550 "Camera \"%s\" does not have a flash unit", id.string()); 1551 } 1552 ALOGE("%s: getting current torch status failed for camera %s", 1553 __FUNCTION__, id.string()); 1554 return STATUS_ERROR_FMT(ERROR_INVALID_OPERATION, 1555 "Error updating torch status for camera \"%s\": %s (%d)", id.string(), 1556 strerror(-err), err); 1557 } 1558 1559 if (status == TorchModeStatus::NOT_AVAILABLE) { 1560 if (cameraStatus == StatusInternal::NOT_PRESENT) { 1561 ALOGE("%s: torch mode of camera %s is not available because " 1562 "camera is in use", __FUNCTION__, id.string()); 1563 return STATUS_ERROR_FMT(ERROR_CAMERA_IN_USE, 1564 "Torch for camera \"%s\" is not available due to an existing camera user", 1565 id.string()); 1566 } else { 1567 ALOGE("%s: torch mode of camera %s is not available due to " 1568 "insufficient resources", __FUNCTION__, id.string()); 1569 return STATUS_ERROR_FMT(ERROR_MAX_CAMERAS_IN_USE, 1570 "Torch for camera \"%s\" is not available due to insufficient resources", 1571 id.string()); 1572 } 1573 } 1574 } 1575 1576 { 1577 // Update UID map - this is used in the torch status changed callbacks, so must be done 1578 // before setTorchMode 1579 Mutex::Autolock al(mTorchUidMapMutex); 1580 if (mTorchUidMap.find(id) == mTorchUidMap.end()) { 1581 mTorchUidMap[id].first = uid; 1582 mTorchUidMap[id].second = uid; 1583 } else { 1584 // Set the pending UID 1585 mTorchUidMap[id].first = uid; 1586 } 1587 } 1588 1589 status_t err = mFlashlight->setTorchMode(id, enabled); 1590 1591 if (err != OK) { 1592 int32_t errorCode; 1593 String8 msg; 1594 switch (err) { 1595 case -ENOSYS: 1596 msg = String8::format("Camera \"%s\" has no flashlight", 1597 id.string()); 1598 errorCode = ERROR_ILLEGAL_ARGUMENT; 1599 break; 1600 default: 1601 msg = String8::format( 1602 "Setting torch mode of camera \"%s\" to %d failed: %s (%d)", 1603 id.string(), enabled, strerror(-err), err); 1604 errorCode = ERROR_INVALID_OPERATION; 1605 } 1606 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1607 return STATUS_ERROR(errorCode, msg.string()); 1608 } 1609 1610 { 1611 // update the link to client's death 1612 Mutex::Autolock al(mTorchClientMapMutex); 1613 ssize_t index = mTorchClientMap.indexOfKey(id); 1614 if (enabled) { 1615 if (index == NAME_NOT_FOUND) { 1616 mTorchClientMap.add(id, clientBinder); 1617 } else { 1618 mTorchClientMap.valueAt(index)->unlinkToDeath(this); 1619 mTorchClientMap.replaceValueAt(index, clientBinder); 1620 } 1621 clientBinder->linkToDeath(this); 1622 } else if (index != NAME_NOT_FOUND) { 1623 mTorchClientMap.valueAt(index)->unlinkToDeath(this); 1624 } 1625 } 1626 1627 return Status::ok(); 1628} 1629 1630Status CameraService::notifySystemEvent(int32_t eventId, 1631 const std::vector<int32_t>& args) { 1632 ATRACE_CALL(); 1633 1634 switch(eventId) { 1635 case ICameraService::EVENT_USER_SWITCHED: { 1636 doUserSwitch(/*newUserIds*/ args); 1637 break; 1638 } 1639 case ICameraService::EVENT_NONE: 1640 default: { 1641 ALOGW("%s: Received invalid system event from system_server: %d", __FUNCTION__, 1642 eventId); 1643 break; 1644 } 1645 } 1646 return Status::ok(); 1647} 1648 1649Status CameraService::addListener(const sp<ICameraServiceListener>& listener, 1650 /*out*/ 1651 std::vector<hardware::CameraStatus> *cameraStatuses) { 1652 ATRACE_CALL(); 1653 1654 ALOGV("%s: Add listener %p", __FUNCTION__, listener.get()); 1655 1656 if (listener == nullptr) { 1657 ALOGE("%s: Listener must not be null", __FUNCTION__); 1658 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Null listener given to addListener"); 1659 } 1660 1661 Mutex::Autolock lock(mServiceLock); 1662 1663 { 1664 Mutex::Autolock lock(mStatusListenerLock); 1665 for (auto& it : mListenerList) { 1666 if (IInterface::asBinder(it) == IInterface::asBinder(listener)) { 1667 ALOGW("%s: Tried to add listener %p which was already subscribed", 1668 __FUNCTION__, listener.get()); 1669 return STATUS_ERROR(ERROR_ALREADY_EXISTS, "Listener already registered"); 1670 } 1671 } 1672 1673 mListenerList.push_back(listener); 1674 } 1675 1676 /* Collect current devices and status */ 1677 { 1678 Mutex::Autolock lock(mCameraStatesLock); 1679 for (auto& i : mCameraStates) { 1680 cameraStatuses->emplace_back(i.first, mapToInterface(i.second->getStatus())); 1681 } 1682 } 1683 1684 /* 1685 * Immediately signal current torch status to this listener only 1686 * This may be a subset of all the devices, so don't include it in the response directly 1687 */ 1688 { 1689 Mutex::Autolock al(mTorchStatusMutex); 1690 for (size_t i = 0; i < mTorchStatusMap.size(); i++ ) { 1691 String16 id = String16(mTorchStatusMap.keyAt(i).string()); 1692 listener->onTorchStatusChanged(mapToInterface(mTorchStatusMap.valueAt(i)), id); 1693 } 1694 } 1695 1696 return Status::ok(); 1697} 1698 1699Status CameraService::removeListener(const sp<ICameraServiceListener>& listener) { 1700 ATRACE_CALL(); 1701 1702 ALOGV("%s: Remove listener %p", __FUNCTION__, listener.get()); 1703 1704 if (listener == 0) { 1705 ALOGE("%s: Listener must not be null", __FUNCTION__); 1706 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Null listener given to removeListener"); 1707 } 1708 1709 Mutex::Autolock lock(mServiceLock); 1710 1711 { 1712 Mutex::Autolock lock(mStatusListenerLock); 1713 for (auto it = mListenerList.begin(); it != mListenerList.end(); it++) { 1714 if (IInterface::asBinder(*it) == IInterface::asBinder(listener)) { 1715 mListenerList.erase(it); 1716 return Status::ok(); 1717 } 1718 } 1719 } 1720 1721 ALOGW("%s: Tried to remove a listener %p which was not subscribed", 1722 __FUNCTION__, listener.get()); 1723 1724 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Unregistered listener given to removeListener"); 1725} 1726 1727Status CameraService::getLegacyParameters(int cameraId, /*out*/String16* parameters) { 1728 1729 ATRACE_CALL(); 1730 ALOGV("%s: for camera ID = %d", __FUNCTION__, cameraId); 1731 1732 if (parameters == NULL) { 1733 ALOGE("%s: parameters must not be null", __FUNCTION__); 1734 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, "Parameters must not be null"); 1735 } 1736 1737 Status ret = Status::ok(); 1738 1739 CameraParameters shimParams; 1740 if (!(ret = getLegacyParametersLazy(cameraId, /*out*/&shimParams)).isOk()) { 1741 // Error logged by caller 1742 return ret; 1743 } 1744 1745 String8 shimParamsString8 = shimParams.flatten(); 1746 String16 shimParamsString16 = String16(shimParamsString8); 1747 1748 *parameters = shimParamsString16; 1749 1750 return ret; 1751} 1752 1753Status CameraService::supportsCameraApi(const String16& cameraId, int apiVersion, 1754 /*out*/ bool *isSupported) { 1755 ATRACE_CALL(); 1756 1757 ALOGV("%s: for camera ID = %s", __FUNCTION__, String8(cameraId).string()); 1758 1759 switch (apiVersion) { 1760 case API_VERSION_1: 1761 case API_VERSION_2: 1762 break; 1763 default: 1764 String8 msg = String8::format("Unknown API version %d", apiVersion); 1765 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1766 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.string()); 1767 } 1768 1769 int facing = -1; 1770 1771 int id = cameraIdToInt(String8(cameraId)); 1772 int deviceVersion = getDeviceVersion(id, &facing); 1773 1774 switch(deviceVersion) { 1775 case CAMERA_DEVICE_API_VERSION_1_0: 1776 case CAMERA_DEVICE_API_VERSION_3_0: 1777 case CAMERA_DEVICE_API_VERSION_3_1: 1778 if (apiVersion == API_VERSION_2) { 1779 ALOGV("%s: Camera id %d uses HAL version %d <3.2, doesn't support api2 without shim", 1780 __FUNCTION__, id, deviceVersion); 1781 *isSupported = false; 1782 } else { // if (apiVersion == API_VERSION_1) { 1783 ALOGV("%s: Camera id %d uses older HAL before 3.2, but api1 is always supported", 1784 __FUNCTION__, id); 1785 *isSupported = true; 1786 } 1787 break; 1788 case CAMERA_DEVICE_API_VERSION_3_2: 1789 case CAMERA_DEVICE_API_VERSION_3_3: 1790 case CAMERA_DEVICE_API_VERSION_3_4: 1791 ALOGV("%s: Camera id %d uses HAL3.2 or newer, supports api1/api2 directly", 1792 __FUNCTION__, id); 1793 *isSupported = true; 1794 break; 1795 case -1: { 1796 String8 msg = String8::format("Unknown camera ID %d", id); 1797 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1798 return STATUS_ERROR(ERROR_ILLEGAL_ARGUMENT, msg.string()); 1799 } 1800 default: { 1801 String8 msg = String8::format("Unknown device version %d for device %d", 1802 deviceVersion, id); 1803 ALOGE("%s: %s", __FUNCTION__, msg.string()); 1804 return STATUS_ERROR(ERROR_INVALID_OPERATION, msg.string()); 1805 } 1806 } 1807 1808 return Status::ok(); 1809} 1810 1811void CameraService::removeByClient(const BasicClient* client) { 1812 Mutex::Autolock lock(mServiceLock); 1813 for (auto& i : mActiveClientManager.getAll()) { 1814 auto clientSp = i->getValue(); 1815 if (clientSp.get() == client) { 1816 mActiveClientManager.remove(i); 1817 } 1818 } 1819} 1820 1821bool CameraService::evictClientIdByRemote(const wp<IBinder>& remote) { 1822 const int callingPid = getCallingPid(); 1823 const int servicePid = getpid(); 1824 bool ret = false; 1825 { 1826 // Acquire mServiceLock and prevent other clients from connecting 1827 std::unique_ptr<AutoConditionLock> lock = 1828 AutoConditionLock::waitAndAcquire(mServiceLockWrapper); 1829 1830 1831 std::vector<sp<BasicClient>> evicted; 1832 for (auto& i : mActiveClientManager.getAll()) { 1833 auto clientSp = i->getValue(); 1834 if (clientSp.get() == nullptr) { 1835 ALOGE("%s: Dead client still in mActiveClientManager.", __FUNCTION__); 1836 mActiveClientManager.remove(i); 1837 continue; 1838 } 1839 if (remote == clientSp->getRemote() && (callingPid == servicePid || 1840 callingPid == clientSp->getClientPid())) { 1841 mActiveClientManager.remove(i); 1842 evicted.push_back(clientSp); 1843 1844 // Notify the client of disconnection 1845 clientSp->notifyError( 1846 hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_DISCONNECTED, 1847 CaptureResultExtras()); 1848 } 1849 } 1850 1851 // Do not hold mServiceLock while disconnecting clients, but retain the condition blocking 1852 // other clients from connecting in mServiceLockWrapper if held 1853 mServiceLock.unlock(); 1854 1855 // Do not clear caller identity, remote caller should be client proccess 1856 1857 for (auto& i : evicted) { 1858 if (i.get() != nullptr) { 1859 i->disconnect(); 1860 ret = true; 1861 } 1862 } 1863 1864 // Reacquire mServiceLock 1865 mServiceLock.lock(); 1866 1867 } // lock is destroyed, allow further connect calls 1868 1869 return ret; 1870} 1871 1872 1873/** 1874 * Check camera capabilities, such as support for basic color operation 1875 * Also check that the device HAL version is still in support 1876 */ 1877int CameraService::checkCameraCapabilities(int id, camera_info info, int *latestStrangeCameraId) { 1878 // device_version undefined in CAMERA_MODULE_API_VERSION_1_0, 1879 // All CAMERA_MODULE_API_VERSION_1_0 devices are backward-compatible 1880 if (mModule->getModuleApiVersion() >= CAMERA_MODULE_API_VERSION_2_0) { 1881 // Verify the device version is in the supported range 1882 switch (info.device_version) { 1883 case CAMERA_DEVICE_API_VERSION_1_0: 1884 case CAMERA_DEVICE_API_VERSION_3_0: 1885 case CAMERA_DEVICE_API_VERSION_3_1: 1886 case CAMERA_DEVICE_API_VERSION_3_2: 1887 case CAMERA_DEVICE_API_VERSION_3_3: 1888 case CAMERA_DEVICE_API_VERSION_3_4: 1889 // in support 1890 break; 1891 case CAMERA_DEVICE_API_VERSION_2_0: 1892 case CAMERA_DEVICE_API_VERSION_2_1: 1893 // no longer supported 1894 default: 1895 ALOGE("%s: Device %d has HAL version %x, which is not supported", 1896 __FUNCTION__, id, info.device_version); 1897 String8 msg = String8::format( 1898 "Unsupported device HAL version %x for device %d", 1899 info.device_version, id); 1900 logServiceError(msg.string(), NO_INIT); 1901 return NO_INIT; 1902 } 1903 } 1904 1905 // Assume all devices pre-v3.3 are backward-compatible 1906 bool isBackwardCompatible = true; 1907 if (mModule->getModuleApiVersion() >= CAMERA_MODULE_API_VERSION_2_0 1908 && info.device_version >= CAMERA_DEVICE_API_VERSION_3_3) { 1909 isBackwardCompatible = false; 1910 status_t res; 1911 camera_metadata_ro_entry_t caps; 1912 res = find_camera_metadata_ro_entry( 1913 info.static_camera_characteristics, 1914 ANDROID_REQUEST_AVAILABLE_CAPABILITIES, 1915 &caps); 1916 if (res != 0) { 1917 ALOGW("%s: Unable to find camera capabilities for camera device %d", 1918 __FUNCTION__, id); 1919 caps.count = 0; 1920 } 1921 for (size_t i = 0; i < caps.count; i++) { 1922 if (caps.data.u8[i] == 1923 ANDROID_REQUEST_AVAILABLE_CAPABILITIES_BACKWARD_COMPATIBLE) { 1924 isBackwardCompatible = true; 1925 break; 1926 } 1927 } 1928 } 1929 1930 if (!isBackwardCompatible) { 1931 mNumberOfNormalCameras--; 1932 *latestStrangeCameraId = id; 1933 } else { 1934 if (id > *latestStrangeCameraId) { 1935 ALOGE("%s: Normal camera ID %d higher than strange camera ID %d. " 1936 "This is not allowed due backward-compatibility requirements", 1937 __FUNCTION__, id, *latestStrangeCameraId); 1938 logServiceError("Invalid order of camera devices", NO_INIT); 1939 mNumberOfCameras = 0; 1940 mNumberOfNormalCameras = 0; 1941 return NO_INIT; 1942 } 1943 } 1944 return OK; 1945} 1946 1947std::shared_ptr<CameraService::CameraState> CameraService::getCameraState( 1948 const String8& cameraId) const { 1949 std::shared_ptr<CameraState> state; 1950 { 1951 Mutex::Autolock lock(mCameraStatesLock); 1952 auto iter = mCameraStates.find(cameraId); 1953 if (iter != mCameraStates.end()) { 1954 state = iter->second; 1955 } 1956 } 1957 return state; 1958} 1959 1960sp<CameraService::BasicClient> CameraService::removeClientLocked(const String8& cameraId) { 1961 // Remove from active clients list 1962 auto clientDescriptorPtr = mActiveClientManager.remove(cameraId); 1963 if (clientDescriptorPtr == nullptr) { 1964 ALOGW("%s: Could not evict client, no client for camera ID %s", __FUNCTION__, 1965 cameraId.string()); 1966 return sp<BasicClient>{nullptr}; 1967 } 1968 1969 return clientDescriptorPtr->getValue(); 1970} 1971 1972void CameraService::doUserSwitch(const std::vector<int32_t>& newUserIds) { 1973 // Acquire mServiceLock and prevent other clients from connecting 1974 std::unique_ptr<AutoConditionLock> lock = 1975 AutoConditionLock::waitAndAcquire(mServiceLockWrapper); 1976 1977 std::set<userid_t> newAllowedUsers; 1978 for (size_t i = 0; i < newUserIds.size(); i++) { 1979 if (newUserIds[i] < 0) { 1980 ALOGE("%s: Bad user ID %d given during user switch, ignoring.", 1981 __FUNCTION__, newUserIds[i]); 1982 return; 1983 } 1984 newAllowedUsers.insert(static_cast<userid_t>(newUserIds[i])); 1985 } 1986 1987 1988 if (newAllowedUsers == mAllowedUsers) { 1989 ALOGW("%s: Received notification of user switch with no updated user IDs.", __FUNCTION__); 1990 return; 1991 } 1992 1993 logUserSwitch(mAllowedUsers, newAllowedUsers); 1994 1995 mAllowedUsers = std::move(newAllowedUsers); 1996 1997 // Current user has switched, evict all current clients. 1998 std::vector<sp<BasicClient>> evicted; 1999 for (auto& i : mActiveClientManager.getAll()) { 2000 auto clientSp = i->getValue(); 2001 2002 if (clientSp.get() == nullptr) { 2003 ALOGE("%s: Dead client still in mActiveClientManager.", __FUNCTION__); 2004 continue; 2005 } 2006 2007 // Don't evict clients that are still allowed. 2008 uid_t clientUid = clientSp->getClientUid(); 2009 userid_t clientUserId = multiuser_get_user_id(clientUid); 2010 if (mAllowedUsers.find(clientUserId) != mAllowedUsers.end()) { 2011 continue; 2012 } 2013 2014 evicted.push_back(clientSp); 2015 2016 String8 curTime = getFormattedCurrentTime(); 2017 2018 ALOGE("Evicting conflicting client for camera ID %s due to user change", 2019 i->getKey().string()); 2020 2021 // Log the clients evicted 2022 logEvent(String8::format("EVICT device %s client held by package %s (PID %" 2023 PRId32 ", priority %" PRId32 ")\n - Evicted due to user switch.", 2024 i->getKey().string(), String8{clientSp->getPackageName()}.string(), 2025 i->getOwnerId(), i->getPriority())); 2026 2027 } 2028 2029 // Do not hold mServiceLock while disconnecting clients, but retain the condition 2030 // blocking other clients from connecting in mServiceLockWrapper if held. 2031 mServiceLock.unlock(); 2032 2033 // Clear caller identity temporarily so client disconnect PID checks work correctly 2034 int64_t token = IPCThreadState::self()->clearCallingIdentity(); 2035 2036 for (auto& i : evicted) { 2037 i->disconnect(); 2038 } 2039 2040 IPCThreadState::self()->restoreCallingIdentity(token); 2041 2042 // Reacquire mServiceLock 2043 mServiceLock.lock(); 2044} 2045 2046void CameraService::logEvent(const char* event) { 2047 String8 curTime = getFormattedCurrentTime(); 2048 Mutex::Autolock l(mLogLock); 2049 mEventLog.add(String8::format("%s : %s", curTime.string(), event)); 2050} 2051 2052void CameraService::logDisconnected(const char* cameraId, int clientPid, 2053 const char* clientPackage) { 2054 // Log the clients evicted 2055 logEvent(String8::format("DISCONNECT device %s client for package %s (PID %d)", cameraId, 2056 clientPackage, clientPid)); 2057} 2058 2059void CameraService::logConnected(const char* cameraId, int clientPid, 2060 const char* clientPackage) { 2061 // Log the clients evicted 2062 logEvent(String8::format("CONNECT device %s client for package %s (PID %d)", cameraId, 2063 clientPackage, clientPid)); 2064} 2065 2066void CameraService::logRejected(const char* cameraId, int clientPid, 2067 const char* clientPackage, const char* reason) { 2068 // Log the client rejected 2069 logEvent(String8::format("REJECT device %s client for package %s (PID %d), reason: (%s)", 2070 cameraId, clientPackage, clientPid, reason)); 2071} 2072 2073void CameraService::logUserSwitch(const std::set<userid_t>& oldUserIds, 2074 const std::set<userid_t>& newUserIds) { 2075 String8 newUsers = toString(newUserIds); 2076 String8 oldUsers = toString(oldUserIds); 2077 // Log the new and old users 2078 logEvent(String8::format("USER_SWITCH previous allowed users: %s , current allowed users: %s", 2079 oldUsers.string(), newUsers.string())); 2080} 2081 2082void CameraService::logDeviceRemoved(const char* cameraId, const char* reason) { 2083 // Log the device removal 2084 logEvent(String8::format("REMOVE device %s, reason: (%s)", cameraId, reason)); 2085} 2086 2087void CameraService::logDeviceAdded(const char* cameraId, const char* reason) { 2088 // Log the device removal 2089 logEvent(String8::format("ADD device %s, reason: (%s)", cameraId, reason)); 2090} 2091 2092void CameraService::logClientDied(int clientPid, const char* reason) { 2093 // Log the device removal 2094 logEvent(String8::format("DIED client(s) with PID %d, reason: (%s)", clientPid, reason)); 2095} 2096 2097void CameraService::logServiceError(const char* msg, int errorCode) { 2098 String8 curTime = getFormattedCurrentTime(); 2099 logEvent(String8::format("SERVICE ERROR: %s : %d (%s)", msg, errorCode, strerror(-errorCode))); 2100} 2101 2102status_t CameraService::onTransact(uint32_t code, const Parcel& data, Parcel* reply, 2103 uint32_t flags) { 2104 2105 const int pid = getCallingPid(); 2106 const int selfPid = getpid(); 2107 2108 // Permission checks 2109 switch (code) { 2110 case BnCameraService::NOTIFYSYSTEMEVENT: { 2111 if (pid != selfPid) { 2112 // Ensure we're being called by system_server, or similar process with 2113 // permissions to notify the camera service about system events 2114 if (!checkCallingPermission( 2115 String16("android.permission.CAMERA_SEND_SYSTEM_EVENTS"))) { 2116 const int uid = getCallingUid(); 2117 ALOGE("Permission Denial: cannot send updates to camera service about system" 2118 " events from pid=%d, uid=%d", pid, uid); 2119 return PERMISSION_DENIED; 2120 } 2121 } 2122 break; 2123 } 2124 } 2125 2126 return BnCameraService::onTransact(code, data, reply, flags); 2127} 2128 2129// We share the media players for shutter and recording sound for all clients. 2130// A reference count is kept to determine when we will actually release the 2131// media players. 2132 2133MediaPlayer* CameraService::newMediaPlayer(const char *file) { 2134 MediaPlayer* mp = new MediaPlayer(); 2135 if (mp->setDataSource(NULL /* httpService */, file, NULL) == NO_ERROR) { 2136 mp->setAudioStreamType(AUDIO_STREAM_ENFORCED_AUDIBLE); 2137 mp->prepare(); 2138 } else { 2139 ALOGE("Failed to load CameraService sounds: %s", file); 2140 return NULL; 2141 } 2142 return mp; 2143} 2144 2145void CameraService::loadSound() { 2146 ATRACE_CALL(); 2147 2148 Mutex::Autolock lock(mSoundLock); 2149 LOG1("CameraService::loadSound ref=%d", mSoundRef); 2150 if (mSoundRef++) return; 2151 2152 mSoundPlayer[SOUND_SHUTTER] = newMediaPlayer("/system/media/audio/ui/camera_click.ogg"); 2153 mSoundPlayer[SOUND_RECORDING_START] = newMediaPlayer("/system/media/audio/ui/VideoRecord.ogg"); 2154 mSoundPlayer[SOUND_RECORDING_STOP] = newMediaPlayer("/system/media/audio/ui/VideoStop.ogg"); 2155} 2156 2157void CameraService::releaseSound() { 2158 Mutex::Autolock lock(mSoundLock); 2159 LOG1("CameraService::releaseSound ref=%d", mSoundRef); 2160 if (--mSoundRef) return; 2161 2162 for (int i = 0; i < NUM_SOUNDS; i++) { 2163 if (mSoundPlayer[i] != 0) { 2164 mSoundPlayer[i]->disconnect(); 2165 mSoundPlayer[i].clear(); 2166 } 2167 } 2168} 2169 2170void CameraService::playSound(sound_kind kind) { 2171 ATRACE_CALL(); 2172 2173 LOG1("playSound(%d)", kind); 2174 Mutex::Autolock lock(mSoundLock); 2175 sp<MediaPlayer> player = mSoundPlayer[kind]; 2176 if (player != 0) { 2177 player->seekTo(0); 2178 player->start(); 2179 } 2180} 2181 2182// ---------------------------------------------------------------------------- 2183 2184CameraService::Client::Client(const sp<CameraService>& cameraService, 2185 const sp<ICameraClient>& cameraClient, 2186 const String16& clientPackageName, 2187 int cameraId, int cameraFacing, 2188 int clientPid, uid_t clientUid, 2189 int servicePid) : 2190 CameraService::BasicClient(cameraService, 2191 IInterface::asBinder(cameraClient), 2192 clientPackageName, 2193 cameraId, cameraFacing, 2194 clientPid, clientUid, 2195 servicePid) 2196{ 2197 int callingPid = getCallingPid(); 2198 LOG1("Client::Client E (pid %d, id %d)", callingPid, cameraId); 2199 2200 mRemoteCallback = cameraClient; 2201 2202 cameraService->loadSound(); 2203 2204 LOG1("Client::Client X (pid %d, id %d)", callingPid, cameraId); 2205} 2206 2207// tear down the client 2208CameraService::Client::~Client() { 2209 ALOGV("~Client"); 2210 mDestructionStarted = true; 2211 2212 mCameraService->releaseSound(); 2213 // unconditionally disconnect. function is idempotent 2214 Client::disconnect(); 2215} 2216 2217CameraService::BasicClient::BasicClient(const sp<CameraService>& cameraService, 2218 const sp<IBinder>& remoteCallback, 2219 const String16& clientPackageName, 2220 int cameraId, int cameraFacing, 2221 int clientPid, uid_t clientUid, 2222 int servicePid): 2223 mClientPackageName(clientPackageName), mDisconnected(false) 2224{ 2225 mCameraService = cameraService; 2226 mRemoteBinder = remoteCallback; 2227 mCameraId = cameraId; 2228 mCameraFacing = cameraFacing; 2229 mClientPid = clientPid; 2230 mClientUid = clientUid; 2231 mServicePid = servicePid; 2232 mOpsActive = false; 2233 mDestructionStarted = false; 2234 2235 // In some cases the calling code has no access to the package it runs under. 2236 // For example, NDK camera API. 2237 // In this case we will get the packages for the calling UID and pick the first one 2238 // for attributing the app op. This will work correctly for runtime permissions 2239 // as for legacy apps we will toggle the app op for all packages in the UID. 2240 // The caveat is that the operation may be attributed to the wrong package and 2241 // stats based on app ops may be slightly off. 2242 if (mClientPackageName.size() <= 0) { 2243 sp<IServiceManager> sm = defaultServiceManager(); 2244 sp<IBinder> binder = sm->getService(String16(kPermissionServiceName)); 2245 if (binder == 0) { 2246 ALOGE("Cannot get permission service"); 2247 // Leave mClientPackageName unchanged (empty) and the further interaction 2248 // with camera will fail in BasicClient::startCameraOps 2249 return; 2250 } 2251 2252 sp<IPermissionController> permCtrl = interface_cast<IPermissionController>(binder); 2253 Vector<String16> packages; 2254 2255 permCtrl->getPackagesForUid(mClientUid, packages); 2256 2257 if (packages.isEmpty()) { 2258 ALOGE("No packages for calling UID"); 2259 // Leave mClientPackageName unchanged (empty) and the further interaction 2260 // with camera will fail in BasicClient::startCameraOps 2261 return; 2262 } 2263 mClientPackageName = packages[0]; 2264 } 2265} 2266 2267CameraService::BasicClient::~BasicClient() { 2268 ALOGV("~BasicClient"); 2269 mDestructionStarted = true; 2270} 2271 2272binder::Status CameraService::BasicClient::disconnect() { 2273 binder::Status res = Status::ok(); 2274 if (mDisconnected) { 2275 return res; 2276 } 2277 mDisconnected = true; 2278 2279 mCameraService->removeByClient(this); 2280 mCameraService->logDisconnected(String8::format("%d", mCameraId), mClientPid, 2281 String8(mClientPackageName)); 2282 2283 sp<IBinder> remote = getRemote(); 2284 if (remote != nullptr) { 2285 remote->unlinkToDeath(mCameraService); 2286 } 2287 2288 finishCameraOps(); 2289 // Notify flashlight that a camera device is closed. 2290 mCameraService->mFlashlight->deviceClosed(String8::format("%d", mCameraId)); 2291 ALOGI("%s: Disconnected client for camera %d for PID %d", __FUNCTION__, mCameraId, mClientPid); 2292 2293 // client shouldn't be able to call into us anymore 2294 mClientPid = 0; 2295 2296 return res; 2297} 2298 2299status_t CameraService::BasicClient::dump(int, const Vector<String16>&) { 2300 // No dumping of clients directly over Binder, 2301 // must go through CameraService::dump 2302 android_errorWriteWithInfoLog(SN_EVENT_LOG_ID, "26265403", 2303 IPCThreadState::self()->getCallingUid(), NULL, 0); 2304 return OK; 2305} 2306 2307String16 CameraService::BasicClient::getPackageName() const { 2308 return mClientPackageName; 2309} 2310 2311 2312int CameraService::BasicClient::getClientPid() const { 2313 return mClientPid; 2314} 2315 2316uid_t CameraService::BasicClient::getClientUid() const { 2317 return mClientUid; 2318} 2319 2320bool CameraService::BasicClient::canCastToApiClient(apiLevel level) const { 2321 // Defaults to API2. 2322 return level == API_2; 2323} 2324 2325status_t CameraService::BasicClient::startCameraOps() { 2326 ATRACE_CALL(); 2327 2328 int32_t res; 2329 // Notify app ops that the camera is not available 2330 mOpsCallback = new OpsCallback(this); 2331 2332 { 2333 ALOGV("%s: Start camera ops, package name = %s, client UID = %d", 2334 __FUNCTION__, String8(mClientPackageName).string(), mClientUid); 2335 } 2336 2337 mAppOpsManager.startWatchingMode(AppOpsManager::OP_CAMERA, 2338 mClientPackageName, mOpsCallback); 2339 res = mAppOpsManager.startOp(AppOpsManager::OP_CAMERA, 2340 mClientUid, mClientPackageName); 2341 2342 if (res == AppOpsManager::MODE_ERRORED) { 2343 ALOGI("Camera %d: Access for \"%s\" has been revoked", 2344 mCameraId, String8(mClientPackageName).string()); 2345 return PERMISSION_DENIED; 2346 } 2347 2348 if (res == AppOpsManager::MODE_IGNORED) { 2349 ALOGI("Camera %d: Access for \"%s\" has been restricted", 2350 mCameraId, String8(mClientPackageName).string()); 2351 // Return the same error as for device policy manager rejection 2352 return -EACCES; 2353 } 2354 2355 mOpsActive = true; 2356 2357 // Transition device availability listeners from PRESENT -> NOT_AVAILABLE 2358 mCameraService->updateStatus(StatusInternal::NOT_AVAILABLE, 2359 String8::format("%d", mCameraId)); 2360 2361 // Transition device state to OPEN 2362 mCameraService->updateProxyDeviceState(ICameraServiceProxy::CAMERA_STATE_OPEN, 2363 String8::format("%d", mCameraId)); 2364 2365 return OK; 2366} 2367 2368status_t CameraService::BasicClient::finishCameraOps() { 2369 ATRACE_CALL(); 2370 2371 // Check if startCameraOps succeeded, and if so, finish the camera op 2372 if (mOpsActive) { 2373 // Notify app ops that the camera is available again 2374 mAppOpsManager.finishOp(AppOpsManager::OP_CAMERA, mClientUid, 2375 mClientPackageName); 2376 mOpsActive = false; 2377 2378 std::initializer_list<StatusInternal> rejected = {StatusInternal::PRESENT, 2379 StatusInternal::ENUMERATING}; 2380 2381 // Transition to PRESENT if the camera is not in either of the rejected states 2382 mCameraService->updateStatus(StatusInternal::PRESENT, 2383 String8::format("%d", mCameraId), rejected); 2384 2385 // Transition device state to CLOSED 2386 mCameraService->updateProxyDeviceState(ICameraServiceProxy::CAMERA_STATE_CLOSED, 2387 String8::format("%d", mCameraId)); 2388 } 2389 // Always stop watching, even if no camera op is active 2390 if (mOpsCallback != NULL) { 2391 mAppOpsManager.stopWatchingMode(mOpsCallback); 2392 } 2393 mOpsCallback.clear(); 2394 2395 return OK; 2396} 2397 2398void CameraService::BasicClient::opChanged(int32_t op, const String16& packageName) { 2399 ATRACE_CALL(); 2400 2401 String8 name(packageName); 2402 String8 myName(mClientPackageName); 2403 2404 if (op != AppOpsManager::OP_CAMERA) { 2405 ALOGW("Unexpected app ops notification received: %d", op); 2406 return; 2407 } 2408 2409 int32_t res; 2410 res = mAppOpsManager.checkOp(AppOpsManager::OP_CAMERA, 2411 mClientUid, mClientPackageName); 2412 ALOGV("checkOp returns: %d, %s ", res, 2413 res == AppOpsManager::MODE_ALLOWED ? "ALLOWED" : 2414 res == AppOpsManager::MODE_IGNORED ? "IGNORED" : 2415 res == AppOpsManager::MODE_ERRORED ? "ERRORED" : 2416 "UNKNOWN"); 2417 2418 if (res != AppOpsManager::MODE_ALLOWED) { 2419 ALOGI("Camera %d: Access for \"%s\" revoked", mCameraId, 2420 myName.string()); 2421 // Reset the client PID to allow server-initiated disconnect, 2422 // and to prevent further calls by client. 2423 mClientPid = getCallingPid(); 2424 CaptureResultExtras resultExtras; // a dummy result (invalid) 2425 notifyError(hardware::camera2::ICameraDeviceCallbacks::ERROR_CAMERA_SERVICE, resultExtras); 2426 disconnect(); 2427 } 2428} 2429 2430// ---------------------------------------------------------------------------- 2431 2432// Provide client strong pointer for callbacks. 2433sp<CameraService::Client> CameraService::Client::getClientFromCookie(void* user) { 2434 String8 cameraId = String8::format("%d", (int)(intptr_t) user); 2435 auto clientDescriptor = gCameraService->mActiveClientManager.get(cameraId); 2436 if (clientDescriptor != nullptr) { 2437 return sp<Client>{ 2438 static_cast<Client*>(clientDescriptor->getValue().get())}; 2439 } 2440 return sp<Client>{nullptr}; 2441} 2442 2443void CameraService::Client::notifyError(int32_t errorCode, 2444 const CaptureResultExtras& resultExtras) { 2445 (void) errorCode; 2446 (void) resultExtras; 2447 if (mRemoteCallback != NULL) { 2448 mRemoteCallback->notifyCallback(CAMERA_MSG_ERROR, CAMERA_ERROR_RELEASED, 0); 2449 } else { 2450 ALOGE("mRemoteCallback is NULL!!"); 2451 } 2452} 2453 2454// NOTE: function is idempotent 2455binder::Status CameraService::Client::disconnect() { 2456 ALOGV("Client::disconnect"); 2457 return BasicClient::disconnect(); 2458} 2459 2460bool CameraService::Client::canCastToApiClient(apiLevel level) const { 2461 return level == API_1; 2462} 2463 2464CameraService::Client::OpsCallback::OpsCallback(wp<BasicClient> client): 2465 mClient(client) { 2466} 2467 2468void CameraService::Client::OpsCallback::opChanged(int32_t op, 2469 const String16& packageName) { 2470 sp<BasicClient> client = mClient.promote(); 2471 if (client != NULL) { 2472 client->opChanged(op, packageName); 2473 } 2474} 2475 2476// ---------------------------------------------------------------------------- 2477// CameraState 2478// ---------------------------------------------------------------------------- 2479 2480CameraService::CameraState::CameraState(const String8& id, int cost, 2481 const std::set<String8>& conflicting) : mId(id), 2482 mStatus(StatusInternal::PRESENT), mCost(cost), mConflicting(conflicting) {} 2483 2484CameraService::CameraState::~CameraState() {} 2485 2486CameraService::StatusInternal CameraService::CameraState::getStatus() const { 2487 Mutex::Autolock lock(mStatusLock); 2488 return mStatus; 2489} 2490 2491CameraParameters CameraService::CameraState::getShimParams() const { 2492 return mShimParams; 2493} 2494 2495void CameraService::CameraState::setShimParams(const CameraParameters& params) { 2496 mShimParams = params; 2497} 2498 2499int CameraService::CameraState::getCost() const { 2500 return mCost; 2501} 2502 2503std::set<String8> CameraService::CameraState::getConflicting() const { 2504 return mConflicting; 2505} 2506 2507String8 CameraService::CameraState::getId() const { 2508 return mId; 2509} 2510 2511// ---------------------------------------------------------------------------- 2512// ClientEventListener 2513// ---------------------------------------------------------------------------- 2514 2515void CameraService::ClientEventListener::onClientAdded( 2516 const resource_policy::ClientDescriptor<String8, 2517 sp<CameraService::BasicClient>>& descriptor) { 2518 const auto& basicClient = descriptor.getValue(); 2519 if (basicClient.get() != nullptr) { 2520 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 2521 notifier.noteStartCamera(descriptor.getKey(), 2522 static_cast<int>(basicClient->getClientUid())); 2523 } 2524} 2525 2526void CameraService::ClientEventListener::onClientRemoved( 2527 const resource_policy::ClientDescriptor<String8, 2528 sp<CameraService::BasicClient>>& descriptor) { 2529 const auto& basicClient = descriptor.getValue(); 2530 if (basicClient.get() != nullptr) { 2531 BatteryNotifier& notifier(BatteryNotifier::getInstance()); 2532 notifier.noteStopCamera(descriptor.getKey(), 2533 static_cast<int>(basicClient->getClientUid())); 2534 } 2535} 2536 2537 2538// ---------------------------------------------------------------------------- 2539// CameraClientManager 2540// ---------------------------------------------------------------------------- 2541 2542CameraService::CameraClientManager::CameraClientManager() { 2543 setListener(std::make_shared<ClientEventListener>()); 2544} 2545 2546CameraService::CameraClientManager::~CameraClientManager() {} 2547 2548sp<CameraService::BasicClient> CameraService::CameraClientManager::getCameraClient( 2549 const String8& id) const { 2550 auto descriptor = get(id); 2551 if (descriptor == nullptr) { 2552 return sp<BasicClient>{nullptr}; 2553 } 2554 return descriptor->getValue(); 2555} 2556 2557String8 CameraService::CameraClientManager::toString() const { 2558 auto all = getAll(); 2559 String8 ret("["); 2560 bool hasAny = false; 2561 for (auto& i : all) { 2562 hasAny = true; 2563 String8 key = i->getKey(); 2564 int32_t cost = i->getCost(); 2565 int32_t pid = i->getOwnerId(); 2566 int32_t priority = i->getPriority(); 2567 auto conflicting = i->getConflicting(); 2568 auto clientSp = i->getValue(); 2569 String8 packageName; 2570 userid_t clientUserId = 0; 2571 if (clientSp.get() != nullptr) { 2572 packageName = String8{clientSp->getPackageName()}; 2573 uid_t clientUid = clientSp->getClientUid(); 2574 clientUserId = multiuser_get_user_id(clientUid); 2575 } 2576 ret.appendFormat("\n(Camera ID: %s, Cost: %" PRId32 ", PID: %" PRId32 ", Priority: %" 2577 PRId32 ", ", key.string(), cost, pid, priority); 2578 2579 if (clientSp.get() != nullptr) { 2580 ret.appendFormat("User Id: %d, ", clientUserId); 2581 } 2582 if (packageName.size() != 0) { 2583 ret.appendFormat("Client Package Name: %s", packageName.string()); 2584 } 2585 2586 ret.append(", Conflicting Client Devices: {"); 2587 for (auto& j : conflicting) { 2588 ret.appendFormat("%s, ", j.string()); 2589 } 2590 ret.append("})"); 2591 } 2592 if (hasAny) ret.append("\n"); 2593 ret.append("]\n"); 2594 return ret; 2595} 2596 2597CameraService::DescriptorPtr CameraService::CameraClientManager::makeClientDescriptor( 2598 const String8& key, const sp<BasicClient>& value, int32_t cost, 2599 const std::set<String8>& conflictingKeys, int32_t priority, int32_t ownerId) { 2600 2601 return std::make_shared<resource_policy::ClientDescriptor<String8, sp<BasicClient>>>( 2602 key, value, cost, conflictingKeys, priority, ownerId); 2603} 2604 2605CameraService::DescriptorPtr CameraService::CameraClientManager::makeClientDescriptor( 2606 const sp<BasicClient>& value, const CameraService::DescriptorPtr& partial) { 2607 return makeClientDescriptor(partial->getKey(), value, partial->getCost(), 2608 partial->getConflicting(), partial->getPriority(), partial->getOwnerId()); 2609} 2610 2611// ---------------------------------------------------------------------------- 2612 2613static const int kDumpLockRetries = 50; 2614static const int kDumpLockSleep = 60000; 2615 2616static bool tryLock(Mutex& mutex) 2617{ 2618 bool locked = false; 2619 for (int i = 0; i < kDumpLockRetries; ++i) { 2620 if (mutex.tryLock() == NO_ERROR) { 2621 locked = true; 2622 break; 2623 } 2624 usleep(kDumpLockSleep); 2625 } 2626 return locked; 2627} 2628 2629status_t CameraService::dump(int fd, const Vector<String16>& args) { 2630 ATRACE_CALL(); 2631 2632 String8 result("Dump of the Camera Service:\n"); 2633 if (checkCallingPermission(String16("android.permission.DUMP")) == false) { 2634 result = result.format("Permission Denial: " 2635 "can't dump CameraService from pid=%d, uid=%d\n", 2636 getCallingPid(), 2637 getCallingUid()); 2638 write(fd, result.string(), result.size()); 2639 } else { 2640 bool locked = tryLock(mServiceLock); 2641 // failed to lock - CameraService is probably deadlocked 2642 if (!locked) { 2643 result.append("CameraService may be deadlocked\n"); 2644 write(fd, result.string(), result.size()); 2645 } 2646 2647 bool hasClient = false; 2648 if (!mModule) { 2649 result = String8::format("No camera module available!\n"); 2650 write(fd, result.string(), result.size()); 2651 2652 // Dump event log for error information 2653 dumpEventLog(fd); 2654 2655 if (locked) mServiceLock.unlock(); 2656 return NO_ERROR; 2657 } 2658 2659 result = String8::format("Camera module HAL API version: 0x%x\n", mModule->getHalApiVersion()); 2660 result.appendFormat("Camera module API version: 0x%x\n", mModule->getModuleApiVersion()); 2661 result.appendFormat("Camera module name: %s\n", mModule->getModuleName()); 2662 result.appendFormat("Camera module author: %s\n", mModule->getModuleAuthor()); 2663 result.appendFormat("Number of camera devices: %d\n", mNumberOfCameras); 2664 result.appendFormat("Number of normal camera devices: %d\n", mNumberOfNormalCameras); 2665 String8 activeClientString = mActiveClientManager.toString(); 2666 result.appendFormat("Active Camera Clients:\n%s", activeClientString.string()); 2667 result.appendFormat("Allowed users:\n%s\n", toString(mAllowedUsers).string()); 2668 2669 sp<VendorTagDescriptor> desc = VendorTagDescriptor::getGlobalVendorTagDescriptor(); 2670 if (desc == NULL) { 2671 result.appendFormat("Vendor tags left unimplemented.\n"); 2672 } else { 2673 result.appendFormat("Vendor tag definitions:\n"); 2674 } 2675 2676 write(fd, result.string(), result.size()); 2677 2678 if (desc != NULL) { 2679 desc->dump(fd, /*verbosity*/2, /*indentation*/4); 2680 } 2681 2682 dumpEventLog(fd); 2683 2684 bool stateLocked = tryLock(mCameraStatesLock); 2685 if (!stateLocked) { 2686 result = String8::format("CameraStates in use, may be deadlocked\n"); 2687 write(fd, result.string(), result.size()); 2688 } 2689 2690 for (auto& state : mCameraStates) { 2691 String8 cameraId = state.first; 2692 result = String8::format("Camera %s information:\n", cameraId.string()); 2693 camera_info info; 2694 2695 // TODO: Change getCameraInfo + HAL to use String cameraIds 2696 status_t rc = mModule->getCameraInfo(cameraIdToInt(cameraId), &info); 2697 if (rc != OK) { 2698 result.appendFormat(" Error reading static information!\n"); 2699 write(fd, result.string(), result.size()); 2700 } else { 2701 result.appendFormat(" Facing: %s\n", 2702 info.facing == CAMERA_FACING_BACK ? "BACK" : 2703 info.facing == CAMERA_FACING_FRONT ? "FRONT" : "EXTERNAL"); 2704 result.appendFormat(" Orientation: %d\n", info.orientation); 2705 int deviceVersion; 2706 if (mModule->getModuleApiVersion() < CAMERA_MODULE_API_VERSION_2_0) { 2707 deviceVersion = CAMERA_DEVICE_API_VERSION_1_0; 2708 } else { 2709 deviceVersion = info.device_version; 2710 } 2711 2712 auto conflicting = state.second->getConflicting(); 2713 result.appendFormat(" Resource Cost: %d\n", state.second->getCost()); 2714 result.appendFormat(" Conflicting Devices:"); 2715 for (auto& id : conflicting) { 2716 result.appendFormat(" %s", id.string()); 2717 } 2718 if (conflicting.size() == 0) { 2719 result.appendFormat(" NONE"); 2720 } 2721 result.appendFormat("\n"); 2722 2723 result.appendFormat(" Device version: %#x\n", deviceVersion); 2724 if (deviceVersion >= CAMERA_DEVICE_API_VERSION_3_0) { 2725 result.appendFormat(" Device static metadata:\n"); 2726 write(fd, result.string(), result.size()); 2727 dump_indented_camera_metadata(info.static_camera_characteristics, 2728 fd, /*verbosity*/2, /*indentation*/4); 2729 } else { 2730 write(fd, result.string(), result.size()); 2731 } 2732 2733 CameraParameters p = state.second->getShimParams(); 2734 if (!p.isEmpty()) { 2735 result = String8::format(" Camera1 API shim is using parameters:\n "); 2736 write(fd, result.string(), result.size()); 2737 p.dump(fd, args); 2738 } 2739 } 2740 2741 auto clientDescriptor = mActiveClientManager.get(cameraId); 2742 if (clientDescriptor == nullptr) { 2743 result = String8::format(" Device %s is closed, no client instance\n", 2744 cameraId.string()); 2745 write(fd, result.string(), result.size()); 2746 continue; 2747 } 2748 hasClient = true; 2749 result = String8::format(" Device %s is open. Client instance dump:\n\n", 2750 cameraId.string()); 2751 result.appendFormat("Client priority level: %d\n", clientDescriptor->getPriority()); 2752 result.appendFormat("Client PID: %d\n", clientDescriptor->getOwnerId()); 2753 2754 auto client = clientDescriptor->getValue(); 2755 result.appendFormat("Client package: %s\n", 2756 String8(client->getPackageName()).string()); 2757 write(fd, result.string(), result.size()); 2758 2759 client->dumpClient(fd, args); 2760 } 2761 2762 if (stateLocked) mCameraStatesLock.unlock(); 2763 2764 if (!hasClient) { 2765 result = String8::format("\nNo active camera clients yet.\n"); 2766 write(fd, result.string(), result.size()); 2767 } 2768 2769 if (locked) mServiceLock.unlock(); 2770 2771 // Dump camera traces if there were any 2772 write(fd, "\n", 1); 2773 camera3::CameraTraces::dump(fd, args); 2774 2775 // Process dump arguments, if any 2776 int n = args.size(); 2777 String16 verboseOption("-v"); 2778 String16 unreachableOption("--unreachable"); 2779 for (int i = 0; i < n; i++) { 2780 if (args[i] == verboseOption) { 2781 // change logging level 2782 if (i + 1 >= n) continue; 2783 String8 levelStr(args[i+1]); 2784 int level = atoi(levelStr.string()); 2785 result = String8::format("\nSetting log level to %d.\n", level); 2786 setLogLevel(level); 2787 write(fd, result.string(), result.size()); 2788 } else if (args[i] == unreachableOption) { 2789 // Dump memory analysis 2790 // TODO - should limit be an argument parameter? 2791 UnreachableMemoryInfo info; 2792 bool success = GetUnreachableMemory(info, /*limit*/ 10000); 2793 if (!success) { 2794 dprintf(fd, "\nUnable to dump unreachable memory. " 2795 "Try disabling SELinux enforcement.\n"); 2796 } else { 2797 dprintf(fd, "\nDumping unreachable memory:\n"); 2798 std::string s = info.ToString(/*log_contents*/ true); 2799 write(fd, s.c_str(), s.size()); 2800 } 2801 } 2802 } 2803 } 2804 return NO_ERROR; 2805} 2806 2807void CameraService::dumpEventLog(int fd) { 2808 String8 result = String8("\nPrior client events (most recent at top):\n"); 2809 2810 Mutex::Autolock l(mLogLock); 2811 for (const auto& msg : mEventLog) { 2812 result.appendFormat(" %s\n", msg.string()); 2813 } 2814 2815 if (mEventLog.size() == DEFAULT_EVENT_LOG_LENGTH) { 2816 result.append(" ...\n"); 2817 } else if (mEventLog.size() == 0) { 2818 result.append(" [no events yet]\n"); 2819 } 2820 result.append("\n"); 2821 2822 write(fd, result.string(), result.size()); 2823} 2824 2825void CameraService::handleTorchClientBinderDied(const wp<IBinder> &who) { 2826 Mutex::Autolock al(mTorchClientMapMutex); 2827 for (size_t i = 0; i < mTorchClientMap.size(); i++) { 2828 if (mTorchClientMap[i] == who) { 2829 // turn off the torch mode that was turned on by dead client 2830 String8 cameraId = mTorchClientMap.keyAt(i); 2831 status_t res = mFlashlight->setTorchMode(cameraId, false); 2832 if (res) { 2833 ALOGE("%s: torch client died but couldn't turn off torch: " 2834 "%s (%d)", __FUNCTION__, strerror(-res), res); 2835 return; 2836 } 2837 mTorchClientMap.removeItemsAt(i); 2838 break; 2839 } 2840 } 2841} 2842 2843/*virtual*/void CameraService::binderDied(const wp<IBinder> &who) { 2844 2845 /** 2846 * While tempting to promote the wp<IBinder> into a sp, it's actually not supported by the 2847 * binder driver 2848 */ 2849 2850 logClientDied(getCallingPid(), String8("Binder died unexpectedly")); 2851 2852 // check torch client 2853 handleTorchClientBinderDied(who); 2854 2855 // check camera device client 2856 if(!evictClientIdByRemote(who)) { 2857 ALOGV("%s: Java client's binder death already cleaned up (normal case)", __FUNCTION__); 2858 return; 2859 } 2860 2861 ALOGE("%s: Java client's binder died, removing it from the list of active clients", 2862 __FUNCTION__); 2863} 2864 2865void CameraService::updateStatus(StatusInternal status, const String8& cameraId) { 2866 updateStatus(status, cameraId, {}); 2867} 2868 2869void CameraService::updateStatus(StatusInternal status, const String8& cameraId, 2870 std::initializer_list<StatusInternal> rejectSourceStates) { 2871 // Do not lock mServiceLock here or can get into a deadlock from 2872 // connect() -> disconnect -> updateStatus 2873 2874 auto state = getCameraState(cameraId); 2875 2876 if (state == nullptr) { 2877 ALOGW("%s: Could not update the status for %s, no such device exists", __FUNCTION__, 2878 cameraId.string()); 2879 return; 2880 } 2881 2882 // Update the status for this camera state, then send the onStatusChangedCallbacks to each 2883 // of the listeners with both the mStatusStatus and mStatusListenerLock held 2884 state->updateStatus(status, cameraId, rejectSourceStates, [this] 2885 (const String8& cameraId, StatusInternal status) { 2886 2887 if (status != StatusInternal::ENUMERATING) { 2888 // Update torch status if it has a flash unit. 2889 Mutex::Autolock al(mTorchStatusMutex); 2890 TorchModeStatus torchStatus; 2891 if (getTorchStatusLocked(cameraId, &torchStatus) != 2892 NAME_NOT_FOUND) { 2893 TorchModeStatus newTorchStatus = 2894 status == StatusInternal::PRESENT ? 2895 TorchModeStatus::AVAILABLE_OFF : 2896 TorchModeStatus::NOT_AVAILABLE; 2897 if (torchStatus != newTorchStatus) { 2898 onTorchStatusChangedLocked(cameraId, newTorchStatus); 2899 } 2900 } 2901 } 2902 2903 Mutex::Autolock lock(mStatusListenerLock); 2904 2905 for (auto& listener : mListenerList) { 2906 listener->onStatusChanged(mapToInterface(status), String16(cameraId)); 2907 } 2908 }); 2909} 2910 2911template<class Func> 2912void CameraService::CameraState::updateStatus(StatusInternal status, 2913 const String8& cameraId, 2914 std::initializer_list<StatusInternal> rejectSourceStates, 2915 Func onStatusUpdatedLocked) { 2916 Mutex::Autolock lock(mStatusLock); 2917 StatusInternal oldStatus = mStatus; 2918 mStatus = status; 2919 2920 if (oldStatus == status) { 2921 return; 2922 } 2923 2924 ALOGV("%s: Status has changed for camera ID %s from %#x to %#x", __FUNCTION__, 2925 cameraId.string(), oldStatus, status); 2926 2927 if (oldStatus == StatusInternal::NOT_PRESENT && 2928 (status != StatusInternal::PRESENT && 2929 status != StatusInternal::ENUMERATING)) { 2930 2931 ALOGW("%s: From NOT_PRESENT can only transition into PRESENT or ENUMERATING", 2932 __FUNCTION__); 2933 mStatus = oldStatus; 2934 return; 2935 } 2936 2937 /** 2938 * Sometimes we want to conditionally do a transition. 2939 * For example if a client disconnects, we want to go to PRESENT 2940 * only if we weren't already in NOT_PRESENT or ENUMERATING. 2941 */ 2942 for (auto& rejectStatus : rejectSourceStates) { 2943 if (oldStatus == rejectStatus) { 2944 ALOGV("%s: Rejecting status transition for Camera ID %s, since the source " 2945 "state was was in one of the bad states.", __FUNCTION__, cameraId.string()); 2946 mStatus = oldStatus; 2947 return; 2948 } 2949 } 2950 2951 onStatusUpdatedLocked(cameraId, status); 2952} 2953 2954void CameraService::updateProxyDeviceState(ICameraServiceProxy::CameraState newState, 2955 const String8& cameraId) { 2956 sp<ICameraServiceProxy> proxyBinder = getCameraServiceProxy(); 2957 if (proxyBinder == nullptr) return; 2958 String16 id(cameraId); 2959 proxyBinder->notifyCameraState(id, newState); 2960} 2961 2962status_t CameraService::getTorchStatusLocked( 2963 const String8& cameraId, 2964 TorchModeStatus *status) const { 2965 if (!status) { 2966 return BAD_VALUE; 2967 } 2968 ssize_t index = mTorchStatusMap.indexOfKey(cameraId); 2969 if (index == NAME_NOT_FOUND) { 2970 // invalid camera ID or the camera doesn't have a flash unit 2971 return NAME_NOT_FOUND; 2972 } 2973 2974 *status = mTorchStatusMap.valueAt(index); 2975 return OK; 2976} 2977 2978status_t CameraService::setTorchStatusLocked(const String8& cameraId, 2979 TorchModeStatus status) { 2980 ssize_t index = mTorchStatusMap.indexOfKey(cameraId); 2981 if (index == NAME_NOT_FOUND) { 2982 return BAD_VALUE; 2983 } 2984 mTorchStatusMap.editValueAt(index) = status; 2985 2986 return OK; 2987} 2988 2989}; // namespace android 2990